Check Point Research is tracking a long-running campaign by the Iranian threat actor Nimbus Manticore, which overlaps with UNC1549, Smoke Sandstorm, and the “Iranian Dream Job” operations. The ongo...

A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. The technique...

Security researcher Dirk-jan Mollema, founder of offensive security Outsider Security, discovered a token validation flaw that gave him Global Admin privileges in every Entra ID tenant. This level...

Primary impacts hit Heathrow (London, UK), Brussels (Belgium), and Berlin (Germany). These three saw the most severe disruptions, with 29 total cancellations across them by September 20 midday. Th...

The automaker – which owns brands including Chrysler, Jeep, and Peugeot – confirmed the data leak to Reuters, saying an unnamed third-party provider that supports its North American customer servic...

Emerging in early 2023, TradeOgre operated entirely as a hidden service, leveraging the anonymity of the Tor network to avoid regulatory oversight and conceal the origin of illicit funds. Royal Ca...

Akira is known to have very comparable links to the old Conti cybercrime organisation, including code similarities with the ransomware payload and templated attacks that follow a playbook of proced...

In February 2025, via ESET telemetry, we detected four different Gamaredon-Turla co-compromises in Ukraine. On those machines, Gamaredon deployed a wide range of tools, including PteroLNK, PteroSte...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2023-49564 Nokia - CBIS,NCS ...

Researchers at Radware uncovered a server-side data theft attack targeting ChatGPT, called ShadowLeak. The experts discovered a zero-click vulnerability in ChatGPT’s Deep Research agent when connec...

In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware. The threat actors are using Search Engine Optimizati...

The actively exploited vulnerability, CVE-2025-10585, is a Type Confusion flaw in the V8 JavaScript and WebAssembly engine. Type confusion bugs occur when a program allocates a resource or object ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-10604 PHPGurukul - Online Di...

We’ve identified infrastructure used to distribute BeaverTail and InvisibleFerret malware variants since at least May 2025. BeaverTail and InvisibleFerret are malware families operated by North Kor...

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. ShinyHunters told BleepingComputer tha...

Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group behind a phishing-as-a-service (...

A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in a plaintext file on a user’s desktop. This allo...

The incident, dubbed the FinWise insider breach, resulted in the exfiltration of sensitive customer records nearly 689,000 names, Social Security numbers, and other personal identifiers via direct ...

Throughout July and August 2025, TA415 conducted spearphishing campaigns targeting United States government, think tank, and academic organizations utilizing U.S.-China economic-themed lures. The r...

Fitzpatrick was now resentenced to three years in prison for his role in operating BreachForums and for possessing child sexual abuse material. Launched in March 2022 and also known as Breached, B...