North Korean threat actors are estimated to have stolen more than $2 billion in cryptocurrency during the first nine months of 2025, according to blockchain analysis firm Elliptic. This marks an an...
Microsoft has warned about hackers taking advantage of its collaboration platform, Teams. Attackers use Teams to gather information, trick users into sharing sensitive data, impersonate trusted sou...
A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” oper...
Foreign adversaries are now building AI into their existing workflows – from crafting phishing campaigns, tweaking malware, and generating propaganda, to researching ways to automate their cyber ki...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-6215 HP, Inc. - HP Sure Star...
The gang, which identifies itself as Radiant, reported on the attack on its dark web portal last month. It evidenced its claim by publishing the names, photos, home addresses, and family contact in...
One of the bugs, known as ‘The Year 2038 problem’ and Y2K38, could cause computers to malfunction on January 19, 2038. The issue affects systems that use a 32-bit integer to store time as the numbe...
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen...
OpenAI has banned ChatGPT accounts believed to be linked to Chinese government entities attempting to use AI models to surveil individuals and social media accounts. “What we saw and banned in tho...
A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single l...
A team of researchers from the University of California, Irvine, has discovered a security risk right on your desk. It turns out that your high-performance computer mouse, an item you probably trus...
This exposes the servers to the exploitation of the newly discovered CVE-2025-49844 (CVSS score of 10/10), named RediShell, a use-after-free issue that may allow authenticated attackers to execute ...
A 13-year-old critical remote code execution (RCE) vulnerability in Redis, dubbed RediShell, allows attackers to gain full access to the underlying host system. The flaw, tracked as CVE-2025-49844,...
The report emphasizes how the threat landscape is maturing, characterized by the rapid exploitation of vulnerabilities, the professionalization of cybercrime, and the increasing convergence between...
A new data leak site hosted on the TOR network has been launched by the “Trinity of Chaos” – a ransomware collective allegedly tied to the Lapsus$, Scattered Spider and ShinyHunters groups. The co...
Cybersecurity researchers at WatchTowr have published their analysis revealing a vulnerability in Dell UnityVSA, tracked as CVE-2025-36604. The flaw allows an attacker with no authentication to iss...
BIETA and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), research, develop, import, and sell technologies that almost certainly support intelligence, counterintelligence, militar...
Tracked as CVE-2025-10035, this security flaw impacts Fortra’s web-based secure transfer GoAnywhere MFT tool, caused by a deserialization of untrusted data weakness in the License Servlet. This vul...
A new report from Booz Allen Hamilton identified that the People’s Republic of China (PRC) has developed a sophisticated and persistent cyber acceleration strategy that enables it to conduct global...
A newly disclosed vulnerability, named the WireTap attack, allows attackers with physical access to break the security of Intel’s Software Guard eXtensions (SGX) on modern server processors and ste...