The technique hinges on the predictable behavior of data serialization and the internal workings of Apple’s objects, which are essentially hash tables. The attack’s goal is to leak the memory addre...

A new wave of cyberattacks targeting organizations using SonicWall firewalls has been actively deploying Akira ransomware since late July 2025. Security researchers at Arctic Wolf Labs detected a s...

Ransomware crews have a clear favorite target in 2025: factories. New data shows manufacturing soaking up the lion’s share of industrial attacks this year, as criminals pivot between software flaws...

This hybrid operation, known as DeceptiveDevelopment, represents a dangerous convergence of traditional cybercrime and state-sponsored activities, targeting software developers and cryptocurrency p...

Two Dutch teenage boys aged 17 were arrested by the Politie on Monday for allegedly using hacking devices to spy for Russia. According to De Telegraaf, the two used a WiFi sniffer device near Europ...

Cybercriminals are increasingly turning to artificial intelligence to enhance their attack capabilities, as demonstrated in a sophisticated phishing campaign recently uncovered by security research...

Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent sy...

Between July 2024 and July 2025, the threat actor, tracked as RedNovember, was seen targeting high-profile organizations globally, across government, defense, aerospace, and other industries. For i...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-10906 Magnetism Studios - En...

Our previous post about Salt Typhoon provided an initial commentary on the Joint Cybersecurity Advisory on Salt Typhoon issued on August 27, 2025. The advisory identified three Chinese companies - ...

The UK’s National Crime Agency has arrested a man as part of an investigation into a ransomware attack that disrupted airports around the world last weekend. The attack targeting Collins Aerospace...

Cybersecurity professionals are facing an unprecedented acceleration in threat actor capabilities as the average breakout time—the period from initial access to lateral movement—has plummeted to a ...

In a significant update on a previous malicious campaign exposed last year, Cisco has said the same threat actor has exploited new vulnerabilities in Cisco Adaptive Security Appliance (ASA) 5500-X ...

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services ...

At a court hearing last week, U.K. prosecutors laid out a litany of charges against Jubair and 18-year-old Owen Flowers, accusing the teens of involvement in an August 2024 cyberattack that cripple...

Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. Tracked as CVE-2025-20352, the ...

In September 2025, Zscaler ThreatLabz discovered a new multi-stage ClickFix campaign potentially targeting members of Russian civil society. Based on multiple overlapping tactics, techniques and pr...

CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401,...

Akvorado 2.0 was released today! 🚀 Akvorado collects network flows with IPFIX and sFlow. It enriches flows and stores them in a ClickHouse database. Users can browse the data through a web console....

The U.S. Secret Service uncovered a covert communications network near the U.N. in New York, seizing 100,000 SIM cards and 300 servers. The operation, capable of sending 30 million texts per minute...