The Termix project has disclosed a critical authentication bypass vulnerability in its official Docker image, exposing sensitive...
cybersecurity
The security of the open-source software supply chain was once again tested when JFrog’s security research team...
A new report from Sekoia.io’s Threat Detection & Research (TDR) team reveals how attackers are weaponizing industrial...
The U.S. Federal Communications Commission (FCC) recently and inadvertently released a 163-page PDF document in its public...
A newly disclosed local privilege escalation vulnerability, CVE-2025-41244, has been exploited as a zero-day in the wild,...
Western Digital (WD) has patched a critical vulnerability in its My Cloud NAS platforms that could allow...
Broadcom has released patches for three vulnerabilities affecting VMware vCenter Server and VMware NSX, with severities rated...
The Apache Fory project, a high-performance multi-language serialization framework, has disclosed a critical vulnerability (CVE-2025-61622) that could...
Doxense has issued an urgent security advisory addressing a critical remote code execution (RCE) vulnerability in its...
Broadcom has released patches addressing three vulnerabilities in VMware Aria Operations and VMware Tools, with severities ranging...
The Stormshield Cyber Threat Intelligence (CTI) team has uncovered new phishing infrastructure tied to APT35, also known...
The UK’s National Cyber Security Centre (NCSC) has released a detailed malware analysis report exposing RayInitiator and...
The SUSE Rancher Security Team has issued fixes for three vulnerabilities affecting Rancher Manager, with severities ranging...
Field Effect’s Threat Intelligence team has uncovered a new wave of the TamperedChef malware campaign, leveraging digitally...
Recently, eSentire’s Threat Response Unit (TRU) identified a spear-phishing campaign targeting a manufacturing client that attempted to...
Arctic Wolf has observed a major uptick in Akira ransomware activity since late July 2025, with attackers...
Huntress has published a detailed investigation into a recent intrusion campaign that began as a Python-based infostealer...
Microsoft Threat Intelligence has identified yet another variant of the XCSSET malware, a long-running macOS threat targeting...
Microsoft Threat Intelligence has revealed details of a credential phishing campaign that likely harnessed AI-generated code to...
Researchers at K7 Security Labs have uncovered a new wave of Windows shortcut (.LNK) malware that exploits...
Security researcher Puja Srivastava from Sucuri uncovered two malicious files designed to guarantee persistent attacker access by...
The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers,...