CISA has issued a critical alert regarding an actively exploited zero-day vulnerability impacting the Microsoft Windows Cloud Files Mini Filter Driver. Tracked as CVE-2025-62221, this flaw is a use...

Managed service providers (MSPs) represent increasingly popular cyberattack targets, characterized by numerous endpoints and distributed networks that present adversaries with diverse exploitation ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-14542 undefined - undefined ...

Stanford University has unveiled ARTEMIS, an autonomous AI agent platform designed for penetration testing, which recently underwent rigorous evaluation against human cybersecurity professionals an...

The Hamas-affiliated advanced persistent threat (APT), known as Ashen Lepus (also tracked as WIRTE), has launched a sophisticated espionage campaign targeting governmental and diplomatic entities a...

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. However, a GitHub commit ...

The “Driver Plugin” contains an embedded kernel-mode rootkit that, in some cases, retains valid signatures and remains loadable on fully updated Windows 11 systems, bypassing built-in protection fe...

A critical vulnerability, CVE-2025-13607, has been identified in multiple India-based CCTV camera models from vendors D-Link, Sparsh Securitech, and Securus CCTV. Rated with a CVSS v4 score of 9.3 ...

A prominent cybercrime forum has become the platform for a threat actor claiming to have successfully breached Volkswagen Mandi, an official car dealership located in Himachal Pradesh, India. This ...

The FBI has issued a significant warning regarding a novel and disturbing virtual kidnapping scam. Threat actors are actively harvesting public Facebook photos to fabricate “proof-of-life” images i...

Polish authorities have apprehended three Ukrainian nationals on suspicion of attempting to compromise critical IT systems and acquire sensitive national defense data within the country. The men, a...

Securonix Threat Research has uncovered a sophisticated new malware campaign, dubbed JS#SMUGGLER, which is actively deploying the NetSupport Remote Access Trojan (RAT) through a multi-stage infecti...

The vulnerability, dubbed React2Shell and officially tracked as CVE-2025-55182, can be exploited using specially crafted HTTP requests for unauthenticated remote code execution. The flaw impacts sy...

A new trojan identified as ChrimeraWire is actively manipulating search engine rankings for both Google and Bing by simulating legitimate user activity through a hidden instance of the Google Chrom...

Cybersecurity researchers detailed two new Android malware families, FvncBot and SeedSnatcher, alongside an upgraded ClayRat version. Findings from Intel 471, CYFIRMA, and Zimperium highlight growi...

MAG Aerospace, military contractor for the US military in intelligence, surveillance and reconnaissance, suffered a breach exposing its employee data. According to MAG Aerospace, the company was al...

Portugal has significantly updated its cybercrime law, introducing a crucial legal safe harbor for security researchers operating in good faith. This modification aims to exempt specific actions fr...

LockBit 5.0 key infrastructure exposed, revealing the IP address 205.185.116.233, and the domain karma0.xyz is hosting the ransomware group’s latest leak site. According to researcher Rakesh Krish...

Barts Health NHS Trust has confirmed that the Russian-speaking Cl0p ransomware group stole files from one of its invoice databases after exploiting a vulnerability in Oracle E-Business Suite. The b...

A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts and scanning SonicWall SonicOS API endpoints. The activity came from over 7,000 IPs tied to German hosti...