malicious
-
Notepad++ Flaw Allows Attackers to Hijack Update Traffic and Deploy Malware
A critical security flaw in the popular text editor Notepad++ has been addressed with the release of version 8.8.9, which…
Read More » -
New DroidLock Malware Locks Android Devices and Demands Ransom Payment
A new and sophisticated threat campaign has been identified by the zLabs research team, targeting Spanish Android users with a…
Read More » -
High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability has been discovered in Ivanti Endpoint Manager (EPM), allowing unauthenticated attackers to hijack…
Read More » -
AI-Powered Analysis Exposes Massive 5,000-Domain Chinese Malware Operation
DomainTools Investigations has uncovered critical findings regarding the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide, which has…
Read More » -
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches to address two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. These…
Read More » -
Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities
Hypervisors, the invisible backbone of modern corporate IT, have become the new primary battleground for ransomware groups. According to new…
Read More » -
Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information
A severe security flaw has been uncovered, putting billions of WhatsApp and Signal users worldwide at risk of being secretly…
Read More » -
Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users
Adex, a leading anti-fraud and traffic-quality platform under AdTech Holding, has successfully identified and neutralized a complex, multi-year malware operation…
Read More » -
LOLPROX Unveils Undetected Exploitation Routes for Stealthy Hypervisor Attacks
A new security analysis has unveiled “LOLPROX,” a comprehensive catalog of “Living Off The Land” (LOL) techniques specifically targeting Proxmox…
Read More » -
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining…
Read More » -
Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data
A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket…
Read More » -
2.15M Next.js Web Services Exposed Online, Active Attacks Reported
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as…
Read More » -
CISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows Systems
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued…
Read More » -
PickleScan Uncovers 0-Day Vulnerabilities Allowing Arbitrary Code Execution via Malicious PyTorch Models
JFrog Security Research has uncovered three critical zero-day vulnerabilities in PickleScan, a widely-adopted industry-standard tool for scanning machine learning models…
Read More » -
Examining the Risk of AI-Assisted MedusaLocker Ransomware Attacks
Researchers at Cato CTRL have demonstrated that the feature, designed to streamline AI workflows, can be easily weaponized to deploy…
Read More » -
CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV)…
Read More »