Researchers at DomainTools have uncovered a persistent SpyNote Android Remote Access Trojan (RAT) campaign, where threat actors...
cybersecurity
Recently, threat hunters at Huntress observed two separate incidents involving a new ransomware variant dubbed Cephalus. The...
The Underground ransomware gang is intensifying its operations, launching continuous ransomware attacks against companies worldwide, including high-profile...
Recently, there has been a surge in attacks targeting customer relationship management (CRM) systems, particularly Salesforce. Even...
The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler...
Google revealed that its large language model (LLM)-assisted vulnerability discovery framework detected and reported a critical flaw...
The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...
A newly disclosed security flaw, tracked as CVE-2025-54370, has been identified in PhpSpreadsheet, a PHP-based library that...
Security researchers have disclosed two critical vulnerabilities in DataEase, an open-source business intelligence (BI) tool designed for...
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities...
Security intelligence firm GreyNoise has sounded the alarm over a massive spike in Microsoft Remote Desktop (RDP)...
FortiGuard Labs has uncovered a rapidly spreading phishing campaign that leverages carefully crafted emails and fake websites...
TP-Link has issued a security advisory addressing a high-severity vulnerability (CVE-2025-8627) affecting its KP303 Smart Plug, warning...
Security researchers at Rapid7 have uncovered four serious vulnerabilities in Securden Unified Privileged Access Manager (PAM), a...
A new CloudSEK report has revealed a dangerous evolution in social engineering: the use of invisible prompt...
Droppers—seemingly harmless apps that secretly deliver malware—have long been a key part of Android cybercrime. But according...
For years, potentially unwanted programs (PUPs) have been associated with nuisance-level behavior—displaying ads, installing toolbars, or collecting...
The Pakistan-linked threat group APT36—also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major—has re-emerged...
Last week, the leak site DDoSecrets.com published a data dump allegedly from a workstation of a threat...
The well-known Certificate Authority Buypass has announced that it will cease issuing TLS/SSL digital certificates in October...
A high-severity zero-day vulnerability in Google Chrome’s V8 JavaScript engine, tracked as CVE-2025-5419, has been exposed, with...
Earlier, encrypted email provider ProtonMail introduced a standalone two-factor authentication (2FA) tool. One might wonder why, given...