Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry The Wiz Customer Incident Response Team (CIRT) has investigated multiple intrusions targeting cryptocurrency organiza...

EspoCRM 9.3.3 - SSRF Vulnerability 🚨 An authenticated Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2026-33534, has been reported in EspoCRM version 9.3.3. This vulnerability...

Sparkplug B Protocol Fuzzing with AI Assistance 🚀 Source: Bishopfox Date Published: May 26, 2026 Sparkplug B is the dominant MQTT-based protocol in industrial control and SCADA environments, but ...

Silent Ransom Group Targeting Law Firms 🚨 The Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is actively targeting law firms through sophisticated social engineeri...

ABB LVS MConfig Vulnerability Advisory ABB has identified an internally discovered vulnerability in the MConfig product. This vulnerability affects the following versions: LVS <= 1.4.9.21. An a...

The AI Era Is Creating a Bug Hunting Arms Race 🚀 Vulnerability disclosure and bug bounty programs have represented a paradigm shift years in the making. When Apple finally announced a bug bounty i...

Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet TrendAI™ Research has conducted an in-depth analysis of a sophisticated intrusion where threat actors utilized the Ethe...

Eppendorf BioFlo 320 Vulnerability Alert 🚨 Source: CISA Date Published: May 26, 2026 A critical vulnerability has been identified in the Eppendorf BioFlo 320 bioreactor. Successful exploitation o...

Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions A well-known advanced persistent threat group called Cloud Atlas has been caught using a dangerous technique to hijack Wi...

🚨 Zero-Click WhatsApp Account Takeover 🚨 A zero-click attack targeting iPhones on iOS 16 has been reported, hijacking WhatsApp accounts without any linked devices, warnings, or user interaction. T...

The Alert Firehose Finally Meets Its Match 🚀 Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear terms like “Noisy” or “Too much data.” However, teams utili...

🚨 Major Data Breach Alert! 🚨 A threat actor is advertising a massive database containing information linked to hundreds of millions of OnlyFans users, including both creators and subscribers. The ...

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver. Kn...

🚨 British Drivers Exposed After Mercedes Data Surfaces on Hacker Market Mercedes-Benz, the globally renowned German luxury automotive brand, may be the latest victim in a string of attacks against...

PyrsistenceSniper: Advanced Tool for Detecting Malware Techniques 🚀 PyrsistenceSniper is an advanced tool designed to detect offline persistence, enabling cybersecurity analysts to identify 117 se...

npm Enhances Security with 2FA-Gated Publishing 🚀 GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly appr...

Italy Disrupts CINEMAGOAL Piracy App 🚨 Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various streaming platforms, including Netf...

An Example of Stack String in High Level Language This week, I’m attending the SEC670 training (Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control). From my perspectiv...

Megalodon Chums the Waters in 5.5K+ GitHub Repo Poisonings 🚨 A malware-spreading scumbag swimming through GitHub pushed malicious commits to more than 5,500 repositories on Monday as part of an au...