Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations. However, the security of these applications depends on small pieces of data called...
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. In the first stage of the attack, the th...
Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Commu...
The quarter marked a pivotal moment with the emergence of Scattered Spider’s inaugural ransomware-as-a-service offering, ShinySp1d3r RaaS, representing the first major English-led ransomware operat...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-11418 Tenda - CH22 A s...
North Korean threat actors are estimated to have stolen more than $2 billion in cryptocurrency during the first nine months of 2025, according to blockchain analysis firm Elliptic. This marks an an...
Microsoft has warned about hackers taking advantage of its collaboration platform, Teams. Attackers use Teams to gather information, trick users into sharing sensitive data, impersonate trusted sou...
A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” oper...
Foreign adversaries are now building AI into their existing workflows – from crafting phishing campaigns, tweaking malware, and generating propaganda, to researching ways to automate their cyber ki...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-6215 HP, Inc. - HP Sure Star...
The gang, which identifies itself as Radiant, reported on the attack on its dark web portal last month. It evidenced its claim by publishing the names, photos, home addresses, and family contact in...
One of the bugs, known as ‘The Year 2038 problem’ and Y2K38, could cause computers to malfunction on January 19, 2038. The issue affects systems that use a 32-bit integer to store time as the numbe...
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen...
OpenAI has banned ChatGPT accounts believed to be linked to Chinese government entities attempting to use AI models to surveil individuals and social media accounts. “What we saw and banned in tho...
A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single l...
A team of researchers from the University of California, Irvine, has discovered a security risk right on your desk. It turns out that your high-performance computer mouse, an item you probably trus...
This exposes the servers to the exploitation of the newly discovered CVE-2025-49844 (CVSS score of 10/10), named RediShell, a use-after-free issue that may allow authenticated attackers to execute ...
A 13-year-old critical remote code execution (RCE) vulnerability in Redis, dubbed RediShell, allows attackers to gain full access to the underlying host system. The flaw, tracked as CVE-2025-49844,...
The report emphasizes how the threat landscape is maturing, characterized by the rapid exploitation of vulnerabilities, the professionalization of cybercrime, and the increasing convergence between...
A new data leak site hosted on the TOR network has been launched by the “Trinity of Chaos” – a ransomware collective allegedly tied to the Lapsus$, Scattered Spider and ShinyHunters groups. The co...