malicious
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing…
Read More » -
Qualcomm Alerts Users to Critical Flaws That Compromise the Secure Boot Process
Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide.…
Read More » -
Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks
A sophisticated threat actor has been operating a private Out-of-band Application Security Testing (OAST) service hosted on Google Cloud infrastructure…
Read More » -
Cybercriminals Register 18,000 Holiday-Themed Domains to Launch Seasonal Scams
The holiday season has always been a magnet for increased online activity, but 2025 marks a new high-water mark in…
Read More » -
Microsoft Blocks External Scripts in Entra ID Logins to Boost Security
Microsoft has announced a significant security change to the Microsoft Entra ID sign-in experience that will block external scripts from…
Read More » -
Chrome Extension Malware Secretly Adds Hidden SOL Fees to Solana Swap Transactions
Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading…
Read More » -
Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining…
Read More » -
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The…
Read More » -
AI-Driven Obfuscated Malicious Apps Bypassing Antivirus Detection to Deliver Malicious Payloads
Cybersecurity researchers have identified a sophisticated malware campaign leveraging artificial intelligence to enhance obfuscation techniques, enabling malicious applications to circumvent…
Read More » -
Critical Grafana Flaw Lets Attackers Escalate Privileges
Grafana Labs has released critical security patches addressing a severe vulnerability in its SCIM provisioning feature that could allow attackers…
Read More » -
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers…
Read More » -
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers…
Read More » -
Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion…
Read More »