DOGE Denizen Marko Elez Leaked API Key for xAI
Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury...
The Socket Threat Research Team has uncovered a new North Korean software supply chain attack involving a previously unreported malware loader we call XORIndex. This activity is an expansion of the...
Since late 2024, Unit 42 researchers have been tracking a cluster of suspicious activity as CL-STA-1020, targeting governmental entities in Southeast Asia. The threat actors behind this cluster of ...
Nvidia last week advised customers to ensure they employ mitigations against Rowhammer attacks, after researchers found one of its workstation-grade GPUs is susceptible to the exploit. Rowhammer i...
Introduction. Picture this: you’re an incident responder hot on the trail of an intruder who’s hopping between servers using Remote Desktop Protocol (RDP). They think they’re sneaky, hiding behind ...
The Octalyn Forensic Toolkit, publicly hosted on GitHub, presents itself as a research-oriented tool for digital forensics and red teaming. It consists of a C++-based payload module supported by a ...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2013-3307 Linksys - E1000Linksys ...
This time, we’re looking at Fortinet’s FortiWeb Fabric Connector. “What is that?” we hear you say. That’s a great question; no one knows. For the uninitiated, or unjaded: Fortinet’s FortiWeb Fabri...
A new report from the U.S. GAO detailed that policies and actions implemented under the Cybersecurity Information Sharing Act of 2015 have positively contributed to the sharing of cyber threat info...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-27889 wftpserver - Wing FTP ...
First noted by a Chinese blogger in July 2021, macOS.ZuRu is a backdoor that was initially delivered through poisoned web results on Baidu. Users searching for the popular Terminal emulator iTerm2 ...
TL;DR: Huntress saw active exploitation of Wing FTP Server remote code execution (CVE-2025-47812) on a customer on July 1, 2025. Organizations running Wing FTP Server should update to the fixed ver...
🎵 Sometimes you wanna go Where everybody knows your name And they’re always glad you came 🎵 ~Theme from Cheers Everyone should have a place to go where they’re comfortable, can pull up a comfy inf...
RenderShock is a comprehensive zero-click attack strategy that targets passive file preview, indexing, and automation behaviours in modern operating systems and enterprise environments. It leverage...
Overview. Recently, the SonicWall Capture Labs threat research team identified a PowerShell-based ransomware variant that is abusing GitHub for its distribution. The malware authors are misusing ra...
Background. In our “Malware of the Day” series, we have explored a variety of C2 network communication profiles, covering protocols like HTTP, HTTPS, DNS, ICMP, and NTP. Most of these simulations we...
Microsoft on Tuesday released 127 patches affecting 14 product families. Nine of the addressed issues — four involving Windows, two involving 365 and Office, and one each involving SharePoint, SQL,...
Executive Summary. In this article, we share hunting tips and mitigation strategies for ClickFix campaigns and provide an inside view of some of the most prominent ClickFix campaigns we have seen so...
Arkana Ransomware emerged in early 2025, making its debut with a bold attack on WideOpenWest (WOW!), a U.S. internet provider, in late March 2025. The group claimed to have stolen two databases (ar...
Attacks that leverage malicious open-source packages are becoming a major and growing threat. This type of attack currently seems commonplace, with reports of infected packages in repositories like...