security
- PureRAT Hides PE Payload via Steganographic Delivery
Modern threat actors are increasingly moving away from traditional, disk-heavy malware in favor of “living-off-the-land” (LotL) techniques. A recent, highly…
- Critical Alert: Active Exploitation of Cisco Catalyst SD-WAN Manager Demands Immediate Remediation
The cybersecurity landscape has shifted significantly following an urgent advisory from the Cybersecurity and Infrastructure Security Agency (CISA). Network defenders…
- Critical Exposure Alert: Over 6,000 Apache ActiveMQ Instances Vulnerable to Remote Code Execution
In a significant blow to enterprise perimeter security, a massive wave of internet-facing Apache ActiveMQ brokers has been identified as…
- Critical RCE Vulnerability Discovered in SGLang: How Malicious GGUF Models Can Compromise Inference Servers
In an era where AI infrastructure speed is prioritized, a significant security oversight has been uncovered within SGLang, a high-performance…
- Stealth by Design: Unpacking the Sophisticated ‘Stealtok’ Malicious Extension Campaign
In a sobering reminder of how easily trust can be exploited, security researchers at LayerX have exposed a highly coordinated…
- Machine-Speed Exploitation: How Frontier AI is Redefining the Cyber Threat Landscape
We are witnessing a fundamental paradigm shift in offensive cyber operations. Artificial Intelligence is moving beyond its role as a…
- SideWinder APT Leverages Cloudflare Workers and Tailored PDF Lures in Sophisticated Zimbra Phishing Campaign
A highly sophisticated credential-harvesting operation, attributed to the SideWinder APT, has been identified targeting critical South Asian government infrastructure. The…
- Operation PhantomCLR: Exploiting .NET AppDomain Mechanisms via Trusted Intel Binaries
In a sophisticated display of living-off-the-land (LotL) tactics, threat actors are hijacking the fundamental architecture of the .NET AppDomain to…
- The Anthropic Paradox: Inside the NSA’s Secret Use of Mythos AI
The National Security Agency (NSA) has quietly integrated Anthropic’s highly restricted “Mythos” artificial intelligence model into its toolkit, operating in…
- Notion Data Leak Exposes Editor Email Addresses Without Authentication
Security researchers have confirmed that any public Notion page now leaks the full names, email addresses, and profile pictures of…
- NIST Restructures NVD Operations to Tackle Record CVE Growth
According to a recent announcement from the National Institute of Standards and Technology (NIST), the agency is fundamentally restructuring how…
- From Dundee to Federal Custody: UK Man Stole $8M via SMiShing and SIM Swaps
When we talk about cyber intrusions, we often think of complex code or zero-day exploits. However, as the recent case…
- Nexcorium: Aggressive Mirai Botnet Exploits Critical IoT Vulnerability
A new Mirai malware variant dubbed Nexcorium is actively compromising unpatched Internet of Things (IoT) devices, with attackers exploiting a…
- Email-Borne Worm Surge Targets Industrial Systems as Overall Malware Declines
While malware activity on industrial control systems (ICS) networks shows gradual decline, email-borne worms are driving a new wave of…
- TP-Link Routers Under Attack: Mirai Exploitation via Critical Vulnerability
Active scanning campaigns are targeting vulnerable TP-Link home routers to deploy Mirai-style malware, exploiting the CVE-2023-33538 vulnerability in a new…
- OpenAI Unleashes GPT-5.4-Cyber to Fortify Global Digital Defenses
In a groundbreaking expansion of its cybersecurity initiative, OpenAI has announced worldwide access to its GPT-5.4-Cyber model through the Trusted…