"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...

State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.

Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.

The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...

The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

Russian APT Secret Blizzard uses ISP-level AitM attacks to deploy ApolloShadow malware on embassy devices in Moscow.

In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...

While SaaS-based SIEMs are marketed as a natural evolution, they often fall short of their on-prem predecessors in practice.

China-linked firms behind Silk Typhoon filed patents for cyber tools, revealing links to MSS and offensive hacking ops.

Threat actors abuse Proofpoint and Intermedia link wrapping to deliver phishing emails and steal Microsoft 365 credentials.

Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to ...