The eSentire Threat Response Unit (TRU) exposed a detailed and technically sophisticated ransomware campaign orchestrated by the...
cybersecurity
Proofpoint has revealed a persistent wave of adversary-in-the-middle (AiTM) phishing campaigns that exploit Microsoft OAuth applications to...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about a critical vulnerability—CVE-2025-8286—impacting...
The Cloudflare Email Security team has exposed a wave of phishing attacks that abuse link wrapping services—typically...
Cisco Talos has released its latest Threat Intelligence Report for Q2 2025, revealing a threat landscape increasingly...
LockBit isn’t just another ransomware group—it’s an evolving threat that continues to adapt its tactics to evade...
Palo Alto Networks has announced its acquisition of Israeli cybersecurity firm CyberArk for nearly $25 billion, marking...
End-to-end encrypted email provider ProtonMail has recently unveiled Proton Authenticator, a cross-platform multi-factor authentication (MFA) app with...
WithSecure has uncovered a stealthy campaign using legitimate Remote Monitoring and Management (RMM) tools embedded in PDF...
The cybersecurity firm Gen Digital—formerly known as Symantec and Norton—has recently submitted the decryption key and tool...
Enable Security has disclosed critical vulnerabilities in Rtpengine, a popular media relay component used in Voice over...
SUSE has issued a high-severity security advisory for CVE-2025-46811, a critical vulnerability in SUSE Manager that allows...
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...
Sophos analysts have uncovered a newly combined infection technique used by the GOLD BLADE cybercriminal group to...
In a major cybersecurity revelation, Check Point Research (CPR) has disclosed the full scale of a stealthy...
Elastic Security Labs has exposed the inner workings of NOVABLIGHT, a highly modular, NodeJS-based Malware-as-a-Service (MaaS) information...
Elastic has issued patches for two local privilege escalation (LPE) vulnerabilities affecting its popular observability tools—APM Server...
The well-known cloud storage provider Dropbox, once leveraging its expertise in data storage to introduce the password...
A severe server-side request forgery (SSRF) vulnerability has been disclosed in BentoML, a widely used Python framework...
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
In a significant finding that highlights the risks associated with emerging AI development platforms, Wiz Research has...
A critical-severity vulnerability in the popular Alone – Charity Multipurpose Non-profit WordPress Theme has left thousands of...
Trend Micro has issued a spotlight on the evolving Gunra ransomware, which has extended its reach to...