NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-42651 n/a - n/a NanoMQ...

Singapore’s critical infrastructure faces an escalating cyber threat from UNC3886, a sophisticated Chinese state-linked Advanced Persistent Threat (APT) group that has been systematically targeting...

Vulnerabilities in AEM Forms The Searchlight Cyber Research Team discovered and disclosed three critical vulnerabilities in Adobe Experience Manager Forms to Adobe in late April 2025. As of writing...

The flaw, tracked as CVE-2023-2533, is described as a high-severity cross-site request forgery (CSRF) issue that, under certain conditions, allows attackers to modify security settings or execute a...

Key Points: Check Point Research has discovered the JSCEAL campaign, which targets crypto app users by leveraging malicious advertisements. The campaign uses fake applications impersonating popul...

Sophos analysts are investigating a new infection chain for the GOLD BLADE cybercriminal group’s custom RedLoader malware, which initiates command and control (C2) communications. The threat actors...

Executive Summary In July 2025, one of CloudSEK’s premier banking clients had reached out, requesting assistance to investigate a wave of social media content, depicting the rise of a new “finfluen...

Cybercriminals Attack Seychelles – Offshore Banking as a Target Source: Resecurity Date Published: July 29, 2025 Resecurity identified an increase in attacks against offshore banking platforms. T...

In April 2025, Darktrace identified an Auto-Color backdoor malware attack taking place on the network of a US-based chemicals company. Over the course of three days, a threat actor gained access t...

Generative AI and LLM technologies have shown great potential in recent years, and for this reason, an increasing number of applications are starting to integrate them for multiple purposes. These ...

On May 30th, 2025, we received a submission for an Arbitrary File Upload via Plugin Installation vulnerability in Alone, a WordPress theme with more than 9,000 sales. This vulnerability makes it po...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2014-125115 Artica ST - Pandora F...

Key takeaways ToxicPanda is an Android banking trojan designed to steal banking and digital wallet logins, overlaying PIN & pattern codes, and performing unauthorized transactions. The malware...

It’s 2025, and at this point, we’re convinced there’s a secret industry-wide pledge: every network appliance must include at least one trivially avoidable HTTP header parsing bug - preferably pre-a...

Aeroflot cancels dozens of flights. Prosecutors say Aeroflot was hacked. Airline’s IT systems fail. Pro-Ukrainian hackers claim cyberattack. Kremlin calls situation ‘alarming’. MOSCOW, July 28 (Re...

Key Takeaways UNC3886 is an APT group that has historically targeted critical infrastructure, including telecommunications, government, technology, and defense, with a recent attack against Singap...

Key Takeaways RedHook is a newly identified Android banking trojan targeting Vietnamese users through phishing sites impersonating trusted financial and government institutions. The malware combi...

The Belgian Grand Prix, held at the iconic Spa-Francorchamps circuit, is a highlight of the Formula 1 calendar, drawing thousands of fans and global attention on July 27, 2025. As Formula 1’s popul...

China-linked cyberespionage group Fire Ant is exploiting VMware and F5 vulnerabilities to stealthily access secure, segmented systems, according to Sygnia. Since early 2025, the group has targeted...

Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance secto...