In March 2024, the DoJ indicted seven hackers associated with APT31, accusing them of engaging in sweeping cyber espionage ...

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited ...

PumaBot hijacks Linux IoT devices via SSH brute-force, fakes Redis services, and mines crypto using stealthy rootkits.

Session hijacking now drives enterprise breaches—88% involve stolen credentials, often exploited within hours.

Mimo exploits CVE-2025-32432 in Craft CMS days after disclosure, deploying cryptominer and proxyware for monetization.

The attack works by targeting session tokens. This enables the attackers to subvert even multi-factor authentication (MFA); ...

Amazon-hosted IPs scanned 75 tech targets on May 8 in a one-day exploit surge, showing orchestrated cloud-based recon.

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more ...

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...

The ZIP archive ("BitDefender.zip") contains an executable called "StoreInstaller.exe," which includes malware configurations ...

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools ...

Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading ...