QuickLens Chrome Extension Steals Crypto and Shows ClickFix Attack 🚨 A Chrome extension named “QuickLens - Search Screen with Google Lens” has been removed from the Chrome Web Store after it was c...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25489 Doditsolutions - Homey...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25450 Dolibarr - Dolibarr ER...

UFP Technologies Discloses Data Breach After Cybersecurity Incident 🚨 UFP Technologies, a prominent American manufacturer of critical medical devices, has recently confirmed a significant cybersec...

🚨 Five Eyes Urgent Warning: Patch Your Cisco SD-WAN to Prevent Root Takeover! The Five Eyes intelligence alliance is urgently warning defenders to patch two Cisco Catalyst SD-WAN vulnerabilities u...

Critical Juniper Networks PTX Flaw Allows Full Router Takeover 🚨 A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could...

Vshell - A Chinese-Language Alternative to Cobalt Strike Vshell is a Go-based remote administration tool that provides post-compromise capabilities for network pivoting and proxying. Publicly avai...

The Investigative Gap - Why Forensic Context is the SOC’s Greatest Bottleneck The global average cost of a data breach has finally decreased for the first time in five years, falling to $4.44 mill...

Post-Exploitation at Scale - The Rise of AILM AILM (AI-Induced Lateral Movement) is a new post-exploitation attack vector where the pivot mechanism isn’t a subnet or an identity, but the organizat...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2006-3730 n/a - n/a Integer...

Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated Sergey Sergey...

SLH Offers Financial Incentives for Vishing Attacks 🚨 The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women ...

One-click Disaster: Microsoft’s Entra Tokens at Risk 🚨 A single click could grant third-party apps permanent access to corporate email accounts without a password, putting organizations at risk of...

A Surprising Discovery 🚀 A software engineer’s earnest effort to steer his new DJI robot vacuum with a video game controller inadvertently granted him a sneak peek into thousands of people’s homes...

Kali & LLM - macOS with Claude Desktop GUI This post will focus on an alternative method of using Kali Linux, moving beyond direct terminal command execution. Instead, we will leverage a Large...

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to...

DNB Podcast: The Long Game and the Laptop Farm In this episode of Dragon News Bytes, Will Baxter and Eli Woodward sit down in person to dissect the “long game” of modern cyber espionage. 🚀 We dive...

Critical Cisco SD-WAN Bug Exploited in Zero-Day Attacks 🚨 Cisco is warning about a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127. This vulnerabil...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2018-25158 Chamilo - Chamillo LMS...

Anthropic Claims Chinese AI Firms ‘Distilled’ Claude to Train Their Models Questions about how AI models can be copied and replicated are moving from theory into active security debates after Anth...