The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in…
A highly deceptive online threat, called the ClickFix attack, is causing serious concern within the cybersecurity community after recent reports showed a massive 517% surge…
Dec 03, 2025Ravie LakshmananVulnerability / Endpoint Security Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as…
Google is expanding support for its Android’s in-call scam protection to multiple banks and financial applications in the United States. The announcement specifically mentions the addition…
A new 29.7 Tbps distributed denial-of-service (DDoS) blast from the Aisuru botnet has set a new world record for attack volume, underscoring how fragile core…
Ransomware and supply chain attacks hit their second-highest levels ever in November, as the two attack types increasingly converge, according to new research from Cyble.…
Distributed denial of service attacks rose sharply during the third-quarter, fueled by record-level attacks from the Aisuru botnet, comprising between one and four million hosts…
Microsoft has silently “mitigated” a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security…
The decentralized finance sector witnessed a devastating breach targeting Yearn Finance’s yETH pool, resulting in the theft of approximately $9 million on November 30, 2025.…
In a brazen attempt to exploit the chaotic pre-holiday rush, Microsoft Security has detected and dismantled a large-scale phishing campaign launched on Thanksgiving Eve. The…
Attackers are using a tool called Evilginx to steal session cookies, letting them bypass the need for a multi-factor authentication (MFA) token. Researchers are warning…
The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA)…
