security
-
Adobe Releases Emergency Patch for Critical Zero-Day Flaw in Acrobat and Reader
Adobe has issued an urgent security update to fix a critical zero-day vulnerability affecting Acrobat and Reader on both Windows…
Read More » -
AI-Powered Cyberattack on Mexican Government Exposes Hundreds of Millions of Records
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack…
Read More » -
EngageSDK Vulnerability puts millions of crypto wallets at risk
A recently identified flaw in the popular Android library EngageSDK has sparked serious worries within the cryptocurrency sector, potentially endangering…
Read More » -
Fake BTS Tour Ticket Scams Target Fans Worldwide
As BTS makes its highly anticipated return to the global stage following their mandatory military service, K-pop fans worldwide are…
Read More » -
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Cybersecurity researchers have uncovered five significant security vulnerabilities in the TP-Link Archer AX53 v1.0 router. If left unpatched, these critical…
Read More » -
One Line, Eleven Models: The Sockpuppeting Technique That Defeats AI Safeguards
A newly discovered jailbreak technique called “sockpuppeting” can force 11 leading AI models—including ChatGPT, Claude and Gemini—to bypass their safety…
Read More » -
Attackers Deploy Hidden Magecart Skimmer on Magento Using SVG onload Abuse
Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with…
Read More » -
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem).…
Read More » -
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open…
Read More » -
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain…
Read More » -
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes…
Read More » -
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
The Cybersecurity and Infrastructure security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint…
Read More » -
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced…
Read More » -
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers
A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren…
Read More » -
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
New analysis of a fake Telegram installer uploaded to MalwareBazaar reveals Silver Fox expanding its ValleyRAT operations via a fresh…
Read More » -
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Security researchers have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, first detected in…
Read More » -
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning…
Read More » -
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
A recently uncovered vulnerability in OpenSSL could expose sensitive data stored within application memory to potential attackers. Identified as CVE-2026-31790,…
Read More » -
Docker Authorization Bypass Flaw Exposed Hosts to Potential Attackers
A critical security vulnerabilityhas been identified in Docker Engine, creating a risk of authorization bypass attacks against host systems. Referred…
Read More »