Cybersecurity researchers have identified a sophisticated new phishing campaign that exploits GitHub’s OAuth2 device authorization flow to compromise developer accounts and steal authentication tokens. This…
A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of critical Directory Service Accounts (DSAs),…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to…
A significant security vulnerability in HashiCorp Nomad workload orchestrator that allows attackers to escalate privileges by exploiting the Access Control List (ACL) policy lookup mechanism. …
Apple confirmed that Messages app flaw was actively exploited in the wild Pierluigi Paganini June 13, 2025 Apple confirmed that a security flaw in its…
Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. The issue has…
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through improper…
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring…
In April 2025, at the ITER Private Sector Fusion Workshop in Cadarache, something remarkable unfolded. In a room filled with scientists, engineers and software visionaries,…
The advanced Graphite mercenary spyware, developed by Paragon, targets journalists through a sophisticated zero-click vulnerability in Apple’s iOS. At least three European journalists have been…
HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization strategies. This vulnerability affects models…
Cybersecurity researchers have uncovered a sophisticated ransomware campaign targeting utility billing software providers through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) systems. The…
