web
-
Malicious Browser Add‑on Targets imToken Users’ Private Keys
Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases…
Read More » -
Cisco Secure Firewall Vulnerability Exposes Networks to Authentication Bypass Attacks
Cisco has publicly revealed a critical security flaw within its Secure Firewall Management Centre (FMC) Software, enabling remote attackers to…
Read More » -
AI Accelerates High-Velocity Cyber Attacks
Cyberattacks are shifting from “breaking in” to simply “logging in,” with AI now automating high-speed operations that overwhelm human defenders.…
Read More » -
Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions
A dramatic escalation in Middle Eastern tensions began last week with Operation Lion’s Roar, a joint U.S.-Iranian military strike on…
Read More » -
Honeywell Controllers Widely Exposed Without Authentication
Security researchers at Zero Science Lab have disclosed a critical vulnerability in Honeywell’s Trend IQ4xx series of Building Management System…
Read More » -
HPE AutoPass Vulnerability Allows Remote Attackers to Bypass Authentication
Hewlett Packard Enterprise (HPE) has disclosed a remote authentication-bypass vulnerability in HPE AutoPass License Server (APLS) that could let unauthenticated…
Read More » -
Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks
Google Chrome’s Secure Web and Networking Team has announced a new effort to protect HTTPS traffic from upcoming quantum‑computing attacks.…
Read More » -
AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2)…
Read More » -
Hackers Weaponize 7-Zip Downloads to Turn Home PCs Into Proxy Nodes
A fake website impersonating the popular 7-Zip file archiver has been distributing malicious software that secretly converts infected computers into…
Read More » -
Microsoft Patches MSMQ Flaw That Affects IIS Web Servers
Microsoft has issued an emergency security update to fix a critical vulnerability in the Message Queuing (MSMQ) feature, which affects…
Read More » -
Beware of Malicious Scripts in Weaponized PDF Purchase Orders
A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate…
Read More » -
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known…
Read More » -
Link11 Identifies Five Cybersecurity Trends Shaping European Defense Strategies in 2026
Link11, a leading European provider of web infrastructure security solutions, has released new insights highlighting five key cybersecurity developments that…
Read More » -
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have discovered a new and sophisticated threat: SantaStealer, a malware-as-a-service information stealer that is being…
Read More » -
Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
Apple has recently released critical security patches to address two zero-day vulnerabilities that are being actively exploited on iPhone and…
Read More » -
Research Findings on the Fate of Data Stolen in Phishing Attacks
Recent research conducted by Kaspersky has shed light on the entire lifecycle of data stolen during phishing attacks, exposing a…
Read More » -
Surge in Attacks Targeting RSC-Enabled Services Worldwide
In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly…
Read More » -
644K+ Websites at Risk Due to Critical React Server Components Flaw
A critical vulnerability known as “React2Shell” has been identified by the Shadowserver Foundation, posing a significant threat to a massive…
Read More »