malicious
-
2,000+ FortiClient EMS Instances Exposed Online as Attackers Exploit Active RCE Flaw
Cybersecurity researchers have issued an urgent warning for organizations using Fortinet’s FortiClient Enterprise Management Server (EMS). Over 2,000 instances of…
Read More » -
Threat Actors Weaponize Fake Microsoft Teams Domains to Target Users
North Korean state-sponsored threat actors, specifically the group known as UNC1069, are actively deploying counterfeit Microsoft Teams domains as part…
Read More » -
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been…
Read More » -
Top 10 Best Privileged Access Management (PAM) Solutions
In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and…
Read More » -
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity…
Read More » -
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its…
Read More » -
Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2
Microsoft has officially launched an automated, machine-learning-driven rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its…
Read More » -
New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover
Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities,…
Read More » -
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have exposed a malicious Google Chrome extension dubbed “ChatGPT Ad Blocker,” which stealthily pilfers private AI dialogues. The…
Read More » -
OpenSSH 10.3 Released With Patch for Shell Injection and Other Security Bugs
The OpenSSH project has released version 10.3 alongside its portable version 10.3p1. This major update followed a brief testing phase…
Read More » -
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
Microsoft hasdetailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure…
Read More » -
Cisco Smart Software Manager Flaw Allowed Arbitrary Command Execution
Cisco has issued a critical security alert regarding a severe vulnerability in its Smart Software Manager On-Prem (SSM On-Perm) platform.…
Read More » -
WhatsApp Attack Chain Delivers VBS, Cloud Payloads, MSI Backdoor
A newmalware campaign leverages WhatsApp messages to deliver malicious Visual Basic Script (VBS) files to Windows systems, facilitating persistent remote…
Read More » -
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful…
Read More » -
Top 10 Best Dynamic Application Security Testing (DAST) Platforms in 2026
In today’s fast-paced software development world, where applications are released at an unprecedented rate, ensuring their security is more critical…
Read More » -
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking…
Read More » -
Google Warns of New Chrome Zero-Day Under Active Exploitation — Users Urged to Update Immediately
Google has released an urgent security update for Chrome desktop (version 146.0.7680.177/.178 for Windows/Mac, 146.0.7680.177 for Linux) to patch 21…
Read More »