BRICKSTORM is a sophisticated backdoor malware attributed to People’s Republic of China (PRC) state-sponsored cyber actors, who have been using it to maintain long-term persistence on compromised s...
The exploitability of application data which is stored on the client side (e.g., in a “viewstate”) has been thoroughly documented since 2010 for ASP.NET. However, exploiting the ASP.NET viewstate r...
A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed, with multiple threat clusters using the technique to gain unauthorized access to Microsoft ...
A newly observed variant of the BeaverTail malware has been tied to hackers associated with North Korea. The findings come from Darktrace’s latest The State of Cybersecurity report, which links Bea...
North Korea’s yearly cryptocurrency thefts have accelerated, with Kim’s state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025. That’s according to research from blockc...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2014-3146 n/a - n/a Incompl...
The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. The fir...
Source: Bleeping Computer Excerpt: Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign dubbed GhostPairing. This type of att...
Cisco Talos recently discovered a campaign targeting Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance (ESA), and Cisco Secure Email and Web Ma...
ShadyPanda has exploited trusted browser extensions to compromise millions of users, illustrating how legitimate software can unexpectedly become harmful. Between 2024 and 2025, one threat actor ex...
Between June 2024 and April 2025, Recorded Future’s Insikt Group identified a sustained credential-harvesting campaign targeting users of UKR.NET, a widely used Ukrainian webmail and news service. ...
Source: Cybernews Widely used Chrome browser extensions have been quietly wiping users’ conversations with AI chatbots and selling the sensitive data to third parties. However, after analyzing the...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-0836 Milestone Systems - XPr...
On December 5th, a Russian APT targeted Transnistria’s governing body with a credential phishing email attachment, spoofing the Pridnestrovian Moldavian Republic. The HTML loads the image in a DIV ...
Amazon detailed a long-running campaign by Russia against critical infrastructure organizations, particularly in the energy sector. Amazon Threat Intelligence published a blog post detailing a mult...
Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters alleg...
Google has announced that early next year they are discontinuing the dark web report, which was meant to monitor breach data that’s circulating on the dark web.\n\nThe news raised some eyebrows, bu...
Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations. The campaign...
Japanese e-commerce and logistics company Askul has revealed that a recent data breach stemming from a ransomware attack has resulted in over 700,000 records being compromised. However, prior to t...
The xHunt advanced persistent threat group has firmly established itself as a sophisticated cyber-espionage actor, orchestrating targeted campaigns against organizations in Kuwait. Since its emerge...