The real innovation lies hidden from the user. Buried within the email’s source code is text deliberately written in the style of prompts for large language models like ChatGPT or Gemini. This “pro...

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its cr...

In a sweeping INTERPOL-coordinated operation, authorities across Africa have arrested 1,209 cybercriminals targeting nearly 88,000 victims. The crackdown recovered USD 97.4 million and dismantled 1...

Exclusive: A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company. Access Personal Checking Services (APCS) has writ...

Threat actors are abusing virtual private servers (VPS) to compromise software-as-a-service (SaaS) accounts, according to an investigation by Darktrace. The cybersecurity vendor identified coordina...

The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. The activity, documented in reports by CYFIRMA and Clo...

Noah Michael Urban, a key member of the Scattered Spider cybercrime collective, was sentenced to 10 years in prison on Wednesday after pleading guilty to charges of wire fraud and conspiracy in Apr...

A threat actor has compromised 850,000 Orange Belgium customer accounts, with SIM card numbers and Personal Unblocking Key (PUK) codes among the data potentially accessed. The PUK code is an eight...

Split QR codes emerged as a stealthier method, dividing a single code into two separate image fragments that appear benign when viewed independently. Email scanners inspecting image attachments typ...

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from infor...

Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks. Logged as CVE-2025-43300, the...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2009-10005 ContentKeeper Technolo...

The flaws were presented during the recent DEF CON 33 hacker conference by independent researcher Marek Tóth. Researchers at cybersecurity company Socket later verified the findings and helped info...

The affected application is made by Workhorse Software Services, which provides software solutions to 310 municipalities in Wisconsin. The vendor has released patches and mitigations after being no...

A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to esta...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2024-44373 n/a - n/a A Path...

These personalized attacks primarily target key employees and generic organizational inboxes such as info@ and support@, creating a sense of urgency through legal threats that pressure recipients i...

An Oregon man was charged by a federal criminal complaint today in the District of Alaska on charges related to his alleged development and administration of the “Rapper Bot” DDoS-for-hire Botnet t...

Nearly two dozen VPN applications in Google Play contain security weaknesses impacting the privacy of their users, exposing transmitted data to decryption, a new Citizen Lab report shows. Furtherm...

Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers. Researchers a...