The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First…
Researchers have uncovered DarkSpectre, a well-funded Chinese threat actor responsible for infecting over 8.8 million users across Chrome, Edge, and…
Dec 31, 2026Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have disclosed details of what appears to be a new strain of…
A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to…
Dec 31, 2026Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that…
Large Language Models (LLMs) have revolutionized software development, democratizing coding capabilities for non-programmers. However, this accessibility has introduced a severe…
Two Americans who built their careers protecting companies from online threats have admitted to doing the exact opposite. Ryan Goldberg,…
APT36, also known as Transparent Tribe, has launched a new malware campaign that targets Indian government and strategic entities by…
In a worrying turn of events for the aviation industry, Korean Air has confirmed that the personal details of roughly…
NeuroSploitv2 is an AI-powered penetration testing framework that automates critical aspects of offensive security operations through advanced language models. The…
This fall’s weekslong government shutdown only added to concerns about the state of federal cybersecurity—creating the possibility of blind spots…
If 2024 was the year lawmakers talked about online age verification, 2025 was the year they actually flipped the switch.…