A critical vulnerability has been disclosed in Immich, a rapidly growing open-source project for self-hosted photo and...
cybersecurity
A recent Cybereason investigation has shed light on a highly coordinated and destructive ransomware campaign carried out...
A critical remote code execution (RCE) vulnerability has been discovered in the Symantec Endpoint Management suite, also...
A critical XML External Entity (XXE) vulnerability has been identified in multiple versions of Apache Jackrabbit, a...
For nearly a decade, Rowhammer has haunted DRAM technology, and now it has entered a new field:...
A critical vulnerability (CVE-2025-7503) has been uncovered in an IP camera manufactured by Shenzhen Liandian Communication Technology...
Phishing remains one of the most enduring threats to cybersecurity—not for a lack of technological defense, but...
Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration
Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration
Researchers from The DFIR Report, in collaboration with Proofpoint, have uncovered a stealthy and resilient variant of...
A critical security flaw in Fortinet’s FortiWeb web application firewall has been publicly weaponized, with proof-of-concept (PoC)...
CYFIRMA has uncovered a new threat model called RenderShock — a zero-click attack strategy that turns convenience...
Security researcher D3vil has uncovered and weaponized a kernel-level Use-After-Free (UAF) vulnerability—CVE-2025-38001—within the Linux networking stack. The...
In late 2024, security researchers from Unit 42 uncovered a sophisticated new variant of the malware associated...
In a warning issued by CERT/CC, multiple high-impact vulnerabilities have been identified in Gigabyte UEFI firmware that...
Axis Communications has issued a security advisory for a critical vulnerability affecting several of its flagship software...
In a concerning development for WordPress site administrators, the Patchstack team has uncovered a targeted supply chain...
In a sweeping investigation into cybercrime infrastructure, Google Threat Intelligence has exposed a vast, ongoing phishing campaign...
In a revelation from Darktrace, researchers have uncovered a highly coordinated and ongoing cybercrime campaign that uses...
Cybercriminals are once again exploiting the trust users place in popular platforms like GitHub to spread sophisticated...
The free one-year subscription is a recurring promotional campaign frequently offered by the password manager 1Password. By...
Rockwell Automation has issued a security advisory detailing two vulnerabilities affecting its Arena Simulation software. Disclosed by...
On June 21, 2025, Russian professional basketball player Daniil Kasatkin was arrested at Charles de Gaulle Airport...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-5777 to its Known Exploited Vulnerabilities...