This week, Pakistan’s National Cyber Emergency Response Team (NCERT) has issued an advisory to 39 key ministries and institutions, warning them of a “severe risk” posed by the ongoing ‘Blue Locker’...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-26009 Fortinet - FortiPAMFor...

Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The...

We recently identified a new ransomware family called Charon, deployed in a targeted attack observed in the Middle East’s public sector and aviation industry. The threat actor employed a DLL sidelo...

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term acces...

Today is Microsoft’s August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos. Of the 107 vulnerabilitie...

Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.” One...

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to comprom...

The North Korean state-sponsored hackers known as Kimsuky have reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky’s values, stole the group’s da...

The Netherlands’ National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach “critical organizations” in the cou...

Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang’s encryptors, allowing them to recover a victim’s files for free without paying a ransom. The security company repor...

In a significant victory for international law enforcement, four Ghanaian nationals alleged to be the leaders of a massive cybercrime enterprise have been extradited to the United States to face ch...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-31511 n/a - n/a An iss...

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct powerful distributed denial-of-...

Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities in...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-31511 n/a - n/a An iss...

Privacy groups report a surge in UK police facial recognition scans of databases secretly stocked with passport photos lacking parliamentary oversight. Big Brother Watch says the UK government has...

The U.S. Federal Judiciary has officially confirmed that its electronic case management systems (CM/ECF and PACER) were targeted by a “sophisticated and persistent” cyberattack. This statement came...

Key Findings SocGholish, operated by TA569, actually functions as a Malware-as-a-Service (MaaS) vendor, selling access to compromised systems to various financially motivated cybercriminal clients....

“Ukraine’s Defence Intelligence agency (HUR) claims that its hackers have successfully stolen secret files and classified data on a state-of-the-art Russian nuclear submarine, the “Knyaz Pozharsky....