data

March 25, 2026

Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack

Aqua Security’s vulnerability scanner, Trivy, faced a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, exploited prior…
Read More »
March 25, 2026

Obfuscated VBS and PNG Loaders Power New Open Directory Malware Campaign with RAT Payloads

A sophisticated, multi-stage delivery mechanism utilizing obfuscated Visual Basic Script (VBS) files, fileless PowerShell loaders, and payloads concealed within PNG…
Read More »
March 25, 2026

China-Backed Hackers Target Southeast Asian Military Systems in Ongoing Spy Campaign

China-linked threat actors have been identified targeting Southeast Asian military networks in a long-running cyber espionage campaign focused on intelligence…
Read More »
March 25, 2026

Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats

Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms underpinning record-breaking attacks and stealthy…
Read More »
March 25, 2026

Critical Magento Vulnerability Actively Exploited Across Thousands of Stores

A critical vulnerability called “PolyShell” is being actively exploited on Magento and Adobe Commerce platforms, putting thousands of online stores…
Read More »
March 25, 2026

New Study Reveals How Infostealer Infections Lead to Dark Web Exposure in Just 48 Hours

New research highlights how infostealer malware can rapidly convert a single careless click into full credential exposure on dark web…
Read More »
March 24, 2026

DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones

Security experts haveverified that the advanced iOS exploit chain known as DarkSword is now accessible outside of its original threat…
Read More »
March 24, 2026

Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies

A United States federal court sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as…
Read More »
March 24, 2026

Roundcube Releases Urgent Security Update to Fix Critical Bugs

Roundcube Webmail has issued an urgent security update addressing eight critical vulnerabilities discovered by independent security researchers. This release, version…
Read More »
March 23, 2026

$30 IP-KVM Flaws Could Enable BIOS-Level Enterprise Network Attacks

Recent threat research exposes a critical security crisis with low-cost IP-KVM devices, revealing nine vulnerabilities across four prominent vendors. These…
Read More »
March 23, 2026

Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems

QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network…
Read More »
March 23, 2026

Oblivion RAT Masquerades as Play Store Update to Spy on Android Users

A newly discovered Android remote access trojan (RAT) called Oblivion RAT is raising concerns across the mobile threat landscape. Marketed…
Read More »
March 23, 2026

MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs

As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) demonstrate that Macs…
Read More »
March 23, 2026

511,000+ End-of-Life IIS Instances Found Online, Raising Security Risks

Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet…
Read More »
March 22, 2026

AstraZeneca Data Breach Allegedly Claimed by LAPSUS$ as Internal Data Access Reported

The notorious hacking collective known as LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving multinational pharmaceutical…
Read More »
March 22, 2026

VoidStealer Malware Cracks Chrome’s Master Encryption Key with Novel Hardware Breakpoint Technique

An information stealer called VoidStealer employs a novel technique to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key…
Read More »
March 21, 2026

Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials

Ahighly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered…
Read More »
March 21, 2026

Oracle Fixes High-Severity RCE Vulnerability Affecting Identity and Web Services Platforms

Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity…
Read More »
March 20, 2026

Copyright Complaint Lures Linked to New PureLog Stealer Credential Theft Wave

Criminals are actively deploying the PureLog Stealer malware through a sophisticated, multi-stage assault campaign that disguises itself as legitimate copyright…
Read More »
March 20, 2026

Bamboo Data Center and Server Vulnerability Enables Remote Code Execution

Atlassian has officially patched a critical Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre platform. Formally tracked as…
Read More »

Previous page Next page