On July 3, 2025, at Milan Malpensa Airport, Italian police arrested Xu Zewei (徐泽伟), whom U.S. authorities allege to be a hacker contracted by the Chinese state. Following the news about Xu’s arrest...

During the first half of 2025, many ransomware groups have been actively opening new Dedicated Leak Sites (DLS). The following graph shows new ransomware DLS sites identified by AhnLab from Februar...

Source: Arctic Wolf Executive Summary The Arctic Wolf® Labs team has identified a new campaign by cyber-espionage group Dropping Elephant targeting Turkish defense contractors, specifically a manu...

Tridium’s Niagara Framework® is a leading software framework designed to connect, manage, and control diverse devices in building management, industrial automation, and smart infrastructure environ...

The security vulnerability in versions 3.2.0 and below of the Post SMTP plugin is associated with multiple Broken Access Control vulnerabilities in its REST API endpoints. These endpoints only val...

On June 13, 2025, Israel launched a sweeping pre-emptive operation targeting Iran’s military leadership, conventional military sites, air defenses, and nuclear infrastructure. The campaign was dubb...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2012-10020 WebMovementLLC - FoxyP...

Acreed, a new malware-as-a-service (MaaS) platform, appears to have taken the top spot in the infostealer ecosystem. We suspect this is due to the takedown of Lumma Stealer (LummaC2) in May 2025. I...

A threat actor claiming to have launched a new ransomware-as-a-service (RaaS) venture is leveraging AI chatbots in its negotiation panel to automate communication and apply psychological pressure o...

It seems that vulnerability research is becoming increasingly challenging every year, as frameworks and languages become more secure by default and vendors are more aware of the security risks that...

If you haven’t yet listened to RunSafe Security’s excellent podcast, EXPLOITED: THE CYBER TRUTH, here’s a great place to start. In this episode, Hiding Vulns Sinks All Ships, special guest Duncan ...

Executive summary Akamai researchers previously outlined the potential for malicious use of UI automation (UIA). Now, Akamai researchers have analyzed a new variant of the Coyote malware that is t...

Key Takeaways Clickfix abuses trust: The campaign bypasses malware downloads by using fake security prompts to trick users into running terminal commands. AppleScript payloads steal user data: The ...

Key takeaways Not long after its takedown in May, Lumma Stealer is back. From June to July, the number of targeted accounts began resurging. Now, the malware is distributed with more discreet chan...

Varonis Threat Labs is shining a spotlight on a decade-old vulnerability that opens the door to URL spoofing. By exploiting how browsers handle Right-to-Left (RTL) and Left-to-Right (LTR) scripts,...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-30746 Oracle Corporation - O...

Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in the African region. The attackers used hardcoded names of internal services, IP addr...

Intro Cyber-security now ranks among the energy sector’s most acute business risks. Unlike financial scandals such as Wirecard, a single unpatched flaw in operational technology can cascade from da...

Key findings Request for Quote scammers are using vendor supplied financing to steal physical goods. They utilize email and legitimate online quote request forms to reach potential victims. Sophist...

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch c...