Zero-day exploits hit enterprises faster and harder
Microsoft was the most targeted vendor, with 25 zero-days exploited across its products, followed by Google with 11, Apple with eight, and Cisco and Fortinet…
Latest Cybersecurity News — Page 151
View all →
Microsoft releases urgent Office patch. Russian-state hackers pounce.
Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in…
IAM Identity Center now supports IPv6
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts.…
New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Dohdoor utilizes the DNS-over-HTTPS (DoH)…
New malicious npm package ‘ambar-src’ targets developers with open source malware
Tenable Research investigated a malicious npm package with around 50,000 downloads in the public registry. We observed various detection-evasion techniques and saw it deploy multiple…
Repeater Strike: manual testing, amplified
Manual testing doesn’t have to be repetitive. In this post, we’re introducing Repeater Strike – a new AI-powered Burp Suite extension designed to automate the…
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Ravie LakshmananMar 04, 2026Threat Intelligence / Application Security Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is…
Break The Protective Shell Of Windows Defender With The Folder Redirect Technique
I. INTRO During penetration testing or red team activities, the attackers are constantly pursued by Antivirus and Endpoint Detection and Response (EDR) systems. There are…
Malicious packages for dYdX cryptocurrency exchange empties user wallets
Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and,…
Explore scaling options for AWS Directory Service for Microsoft Active Directory
You can use AWS Directory Service for Microsoft Active Directory as your primary Active Directory Forest for hosting your users’ identities. Your IT teams can…
Global coalition dismantles Tycoon 2FA phishing kit
Tycoon 2FA, a major phishing kit and platform that allowed low-skilled cybercriminals to bypass multifactor authentication and conduct large-scale adversary-in-the-middle attacks, was dismantled Wednesday by…