The HoneyMyte APT group, also known as Mustang Panda and Bronze President, continues expanding its cyber-espionage operations across Asia and…
Datadog Security Research has uncovered an active web traffic hijacking campaign that abuses malicious NGINX configurations to intercept and reroute…
Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has…
React Server Vulnerability Exploited Two months following the disclosure of CVE-2025-55182, exploitation activity targeting React Server Components has evolved from…
A sophisticated social engineering campaign targeting Windows users across the UK, using fake event invitations to silently install ScreenConnect a…
Microsoft is making a significant move to strengthen Windows security by phasing out NTLM (New Technology LAN Manager). This legacy…
ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability,…
A new malware variant dubbed “PDFly” is abusing a heavily modified PyInstaller stub to hide its Python bytecode, forcing analysts…
More than a year after national security officials revealed that Chinese hackers had systematically infiltrated U.S. telecommunications networks, the top…
A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data….
A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted…
Attackers are again focusing on a familiar target in the network edge space, actively exploiting two critical zero-day vulnerabilities in…