malicious

September 14, 2025

AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Security Attacks

Security researchers at Straiker’s AI Research (STAR) team have uncovered Villager, an AI-native penetration testing framework developed by Chinese-based group…
Read More »
September 13, 2025

Leveraging AI to Steal Browser Data and Evade Detection

EvilAI, a new malware family tracked by Trend™ Research, has emerged in recent weeks disguised as legitimate AI-driven utilities. These…
Read More »
September 12, 2025

HybridPetya Exploits UEFI Vulnerability to Bypass Secure Boot on Legacy Systems

ESET Research has uncovered a sophisticated new ransomware variant called HybridPetya, discovered on the VirusTotal sample sharing platform. This malware…
Read More »
September 11, 2025

Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks

In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed…
Read More »
September 10, 2025

Meta Verified Scam Ads on Facebook Steal User Account Details

Content creators and small businesses are facing a sophisticated new threat targeting their Facebook accounts through deceptive advertisements promising free…
Read More »
September 9, 2025

U.S. Cracks Down on Scam Networks in Southeast Asia Draining Billions

In a sweeping effort to curb transnational cybercrime and human rights abuses, the U.S. Department of the Treasury’s Office of…
Read More »
September 8, 2025

Hackers Exploit Amazon SES to Blast Over 50,000 Malicious Emails Daily

A sophisticated cyberattack campaign where threat actors exploited compromised AWS credentials to hijack Amazon’s Simple Email Service (SES), launching large-scale…
Read More »
September 6, 2025

Over 143,000 Malware Files Target Android and iOS Users in Q2 2025

In the second quarter of 2025, users of Android and iOS devices faced relentless cyberthreats, with Kaspersky Security Network reporting…
Read More »
September 5, 2025

Threat Actors Exploit ScreenConnect Installers for Initial Access

A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of…
Read More »
September 4, 2025

Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities

Cybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman…
Read More »
September 4, 2025

Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access

Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These…
Read More »
September 4, 2025

Namespace Reuse Vulnerability Exposes AI Platforms to Remote Code Execution

A newly discovered vulnerability in the AI supply chain—termed Model Namespace Reuse—permits attackers to achieve Remote Code Execution (RCE) across…
Read More »
September 3, 2025

Apache DolphinScheduler Vulnerability Patched — Update Immediately

A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under…
Read More »
September 3, 2025

Top 10 Best API Penetration Testing Companies In 2025

Best API Penetration Testing Companies Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of…
Read More »
September 2, 2025

ESPHome Vulnerability Allows Unauthorized Access to Smart Devices

A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to…
Read More »
September 2, 2025

Mapping the Web of Commercial Spyware: Targets and Attack Chains

A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods…
Read More »
September 2, 2025

Food Delivery Robots Vulnerable to Hacks That Redirect Orders

A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the…
Read More »
September 1, 2025

Hackers Exploit Email Marketing Platforms to Deliver Hidden Malware

In recent months, Trustwave SpiderLabs—a LevelBlue company renowned for its threat intelligence and incident response services—has observed a marked uptick…
Read More »
September 1, 2025

Vulnerabilities in Sitecore CMS Platform Allow Excute Arbitrary Code Remotely

Security researchers at watchTowr Labs have uncovered a devastating chain of vulnerabilities in Sitecore Experience Platform that could allow attackers…
Read More »
August 31, 2025

AI Waifu RAT Exploits Users with Advanced Social Engineering Tactics

A sophisticated new malware campaign has emerged that weaponizes artificial intelligence and social engineering to target niche online communities. Security…
Read More »

Previous page Next page