"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...

State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.

Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.

The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...

The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

Russian APT Secret Blizzard uses ISP-level AitM attacks to deploy ApolloShadow malware on embassy devices in Moscow.

In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...

Threat actors abuse Proofpoint and Intermedia link wrapping to deliver phishing emails and steal Microsoft 365 credentials.

While SaaS-based SIEMs are marketed as a natural evolution, they often fall short of their on-prem predecessors in practice.

SentinelOne boosts enterprise cyber defense with AI-powered endpoint security, cutting response time and risk across ...

Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to ...