PerfektBlue 1-click RCE attack
Affected Devices. Impact: It turned out that the OpenSynergy BlueSDK framework is widely used, particularly in the automotive industry. BlueSDK is used in other domains as well (for example, in mobile pho...
GreyNoise has identified a previously untracked variant of a scraper botnet, detectable through a globally unique network fingerprint. While the botnet uses a simple and easily spoofed user-agent s...
Source: Cyfirma INTRODUCTION GitHub remains a popular platform for malware distribution, particularly for luring users into downloading and executing seemingly harmless tools. In this case, a GitH...
The JFrog Security Research team has recently discovered and disclosed CVE-2025-6514 – a critical (CVSS 9.6) security vulnerability in the mcp-remote project – a popular tool used by Model Context ...
Varonis Threat Labs discovered a high-severity vulnerability in ServiceNow’s platform that could lead to significant data exposure and exfiltration, including PII, credentials, and other sensitive ...
In a recent article, we discussed some of the reasons sites are frequently attacked. That article covered browser redirects, and we’ll explore an example of such a case here. Website themes are a ...
A set of 18 malicious browser extensions that are still available to download on Google Chrome and Microsoft Edge have been identified by a team of security researchers at Koi Security. These exte...
One of the things we’re most proud of at DomainTools is our Grants program. We offer free access and training to investigative journalists, as well as security researchers involved in community-ben...
In the volatile aftermath of the Israel-Iran-USA conflict, a sophisticated cyber threat has re-emerged, targeting organizations across the West. Morphisec’s threat research team has uncovered the r...
In the last few months, ReversingLabs (RL) researchers have encountered multiple malicious packages that target cryptocurrency users and developers. In May, RL researcher Karlo Zanki wrote a blog ...
Unit 42 researchers uncovered a campaign by an initial access broker (IAB) to exploit leaked Machine Keys — cryptographic keys used on ASP.NET sites — to gain access to targeted organizations. IABs...
The DoNot APT group, also identified by various security vendors as APT-C-35, Mint Tempest, Origami Elephant, SECTOR02, and Viceroy Tiger, has been active since at least 2016, and has been attribut...
Excerpt: “Combolists and URL-Login-Password (ULP) files have existed since the earliest user data leaks. These files offer a convenient format for storing and distributing compromised credentials ...
TapTrap is a new type of attack targeting Android devices. It allows an app without any permissions to misuse screen animations. This app can secretly open another screen, such as a permission prom...
ThreatFabric researchers have identified a new campaign involving the Anatsa Android banking trojan, which is now targeting users in North America. This marks at least the third instance of Anatsa ...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2016-10033 n/a - n/a The ma...
Affected Platforms: Microsoft Windows Impacted Users: Microsoft Windows Impact: The stolen information can be used for future attacks Severity Level: High FortiGuard Labs recently uncovered an act...
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the s...
Resurgence of Monero-mining Malware Is it the same XMRig threat from the past? What is apparent with the current XMRig threat is its multi-staged approach and use of LOLBAS (Living Off the Land B...
Source: Cybereason. Excerpt: Delivery Mechanism: Threat actors utilize phishing campaigns to distribute a malicious website link through: phishing emails, PDF attachments, gaming websites, Att...