These personalized attacks primarily target key employees and generic organizational inboxes such as info@ and support@, creating a sense of urgency through legal threats that pressure recipients i...
An Oregon man was charged by a federal criminal complaint today in the District of Alaska on charges related to his alleged development and administration of the “Rapper Bot” DDoS-for-hire Botnet t...
Nearly two dozen VPN applications in Google Play contain security weaknesses impacting the privacy of their users, exposing transmitted data to decryption, a new Citizen Lab report shows. Furtherm...
Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers. Researchers a...
A popular Google-featured browser extension offering a virtual private network (VPN) service recently turned malicious and is now spying on users’ every move online. Researchers from Koi Security d...
Occasionally, when threat actors are hosting payloads over HTTP, they accidentally expose the whole entire directory and subdirectory of files, rather than the singular payload they intended to sha...
Tracked as UAT-7237 and believed to be active since 2022, the threat actor is likely a division of the hacking group that Talos tracks as UAT-5918, which overlaps with Chinese APTs such as Volt Typ...
Safety’s head of research Paul McCarty last week revealed his discovery of npm packages that he wrote “targeted the Solana cryptocurrency ecosystem and pretend to ‘scan’ for Solana SDK components.”...
Recorded Future analysts identified key threat actors operating on Telegram platforms, particularly @webu8, who advertises specialized burner phones and ghost-tapping services to Chinese-speaking c...
The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) addressed by Microsoft in April 2025, as reported by...
A Rotherham man has been sentenced to 20 months behind bars for a range of hacktivism-related offenses. Al-Tahery Al-Mashriky, 26, was arrested in 2022 by National Crime Agency (NCA) officers after...
A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw w...
The SpiderLabs Research team recently observed an EncryptHub campaign that combines social engineering and the exploitation of the Microsoft Management Console (MMC): CVE-2025-26633. This vulnerabi...
A Chinese-speaking advanced persistent threat (APT) group, tracked as UAT-7237, has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools wit...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-24975 FirebirdSQL - firebird...
UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company’s operations, including hosting and porting serv...
The Dutch newspaper Leeuwarder Courant has reported that dozens of speed cameras remain offline after they were temporarily shut down following the system compromise. The cyberattack itself, which ...
Cisco has disclosed a critical vulnerability in its Secure Firewall Management Center (FMC) Software. The remote code execution (RCE) flaw, CVE-2025-20265, has a maximum CVSS severity score of 10.0...
One of the recent discoveries made by ThreatFabric’s analysts continues this trend. In this report we introduce PhantomCard - a new Android NFC-based Trojan targeting banking customers in Brazil an...
This blog post breaks down the data from recent attacks, reveals the propaganda and recruitment tactics being used by threat actors, details the phishing and fake offer scams to watch out for, and ...