data
-
Roundcube Flaws Let Attackers Execute Malicious Scripts
Roundcube, a widely used open-source webmail platform, has released critical security updates to address two significant vulnerabilities in its 1.6…
Read More » -
Amazon Identified North Korean IT Worker by Tracking Keystroke Activity
Amazon has made a shocking discovery, uncovering a North Korean imposter who was posing as a systems administrator based in…
Read More » -
Beware of Malicious Scripts in Weaponized PDF Purchase Orders
A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate…
Read More » -
New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes
Security researchers from Hunt.io and Acronis Threat Research Unit have made a groundbreaking discovery, uncovering a complex network of operational…
Read More » -
RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption
RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a…
Read More » -
Microsoft Desktop Window Manager Flaw Allows Privilege Escalation
A critical vulnerability has been identified in the Windows Desktop Window Manager (DWM) that could potentially allow attackers to escalate…
Read More » -
Russian Hackers Launch Attacks on Network Edge Devices in Western Critical Infrastructure
Russian state-sponsored hackers have intensified their attacks on misconfigured network edge devices across Western critical infrastructure, marking a significant shift…
Read More » -
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known…
Read More » -
Link11 Identifies Five Cybersecurity Trends Shaping European Defense Strategies in 2026
Link11, a leading European provider of web infrastructure security solutions, has released new insights highlighting five key cybersecurity developments that…
Read More » -
Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft
Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal…
Read More » -
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical vulnerability has been discovered in the JumpCloud Remote Assist for Windows agent, allowing low-privileged users to gain NT…
Read More » -
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have discovered a new and sophisticated threat: SantaStealer, a malware-as-a-service information stealer that is being…
Read More » -
NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks
NVIDIA has issued urgent security patches for its Merlin machine learning framework, addressing two high-severity deserialization vulnerabilities that could allow…
Read More » -
EDR Process Sideloading to Conceal Malicious Activity
Initial access broker Storm-0249 has undergone a significant transformation, evolving from a mass phishing operation into a sophisticated threat actor…
Read More » -
MITRE Unveils 2025’s Top 25 Most Dangerous Software Weaknesses
MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the…
Read More » -
CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued critical guidance on managing UEFI Secure Boot configurations across enterprise systems,…
Read More » -
Research Findings on the Fate of Data Stolen in Phishing Attacks
Recent research conducted by Kaspersky has shed light on the entire lifecycle of data stolen during phishing attacks, exposing a…
Read More »