Recorded Future analysts identified key threat actors operating on Telegram platforms, particularly @webu8, who advertises specialized burner phones and ghost-tapping services to Chinese-speaking c...

The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) addressed by Microsoft in April 2025, as reported by...

A Rotherham man has been sentenced to 20 months behind bars for a range of hacktivism-related offenses. Al-Tahery Al-Mashriky, 26, was arrested in 2022 by National Crime Agency (NCA) officers after...

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw w...

The SpiderLabs Research team recently observed an EncryptHub campaign that combines social engineering and the exploitation of the Microsoft Management Console (MMC): CVE-2025-26633. This vulnerabi...

A Chinese-speaking advanced persistent threat (APT) group, tracked as UAT-7237, has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools wit...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-24975 FirebirdSQL - firebird...

UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company’s operations, including hosting and porting serv...

The Dutch newspaper Leeuwarder Courant has reported that dozens of speed cameras remain offline after they were temporarily shut down following the system compromise. The cyberattack itself, which ...

Cisco has disclosed a critical vulnerability in its Secure Firewall Management Center (FMC) Software. The remote code execution (RCE) flaw, CVE-2025-20265, has a maximum CVSS severity score of 10.0...

One of the recent discoveries made by ThreatFabric’s analysts continues this trend. In this report we introduce PhantomCard - a new Android NFC-based Trojan targeting banking customers in Brazil an...

This blog post breaks down the data from recent attacks, reveals the propaganda and recruitment tactics being used by threat actors, details the phishing and fake offer scams to watch out for, and ...

This week, Pakistan’s National Cyber Emergency Response Team (NCERT) has issued an advisory to 39 key ministries and institutions, warning them of a “severe risk” posed by the ongoing ‘Blue Locker’...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-26009 Fortinet - FortiPAMFor...

Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The...

We recently identified a new ransomware family called Charon, deployed in a targeted attack observed in the Middle East’s public sector and aviation industry. The threat actor employed a DLL sidelo...

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term acces...

Today is Microsoft’s August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos. Of the 107 vulnerabilitie...

Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.” One...

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to comprom...