SECURITY 77

Severe Hikvision HikCentral Product Flaws What You Need to Know Sep 4, 2025
Google fixes actively exploited Android flaws in September update Sep 3, 2025
Azure AD Credentials Exposed in Public App Settings File Sep 2, 2025
WhatsApp patches vulnerability exploited in zero-day attacks Aug 29, 2025
Apple rushes out fix for active zero-day in iOS and macOS Aug 21, 2025
Major password managers can leak logins in clickjacking attacks Aug 20, 2025
Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data Aug 20, 2025
New Research Links VPN Apps, Highlights Security Deficiencies Aug 19, 2025
New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay Aug 18, 2025
EncryptHub Abuses Brave Support in new Campaign Exploiting- MSC Eviltwin Flaw Aug 16, 2025
New 'Curly COMrades' APT Using NGEN COM Hijacking in Georgia, Moldova Attacks Aug 12, 2025
OWASP AIVSS targets agentic AI risk Aug 6, 2025
Critical Vulnerability Impacting Over 100K Sites Patched in Everest Forms Plugin Aug 6, 2025
Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto Aug 5, 2025
ReVault! When your SoC turns against you… Aug 5, 2025
Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives Aug 4, 2025
New Plague Linux malware stealthily maintains SSH access Aug 4, 2025
Fingerprinting Malware C2s with Tags Aug 4, 2025
Critical Vulnerability in NestJS Devtools Localhost RCE via Sandbox Escape Aug 1, 2025
Dahua Camera flaws allow remote hacking. Update firmware now Jul 31, 2025
Qwins Ltd Bulletproof Hosting Provider Powering Global Malware Campaigns Jul 30, 2025
Exploiting Direct Send Attackers Abuse Microsoft 365 to Deliver Internal Phishing Attacks Jul 30, 2025
Auto-Color Backdoor How Darktrace Thwarted a Stealthy Linux Intrusion Jul 29, 2025
Attackers Actively Exploiting Critical Vulnerability in Alone Theme Jul 29, 2025
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware Jul 26, 2025
Critical Vulnerabilities Found in Tridium Niagara Framework Jul 23, 2025
Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin Jul 23, 2025
BIDI Swap Unmasking the Art of URL Misleading with Bidirectional Text Tricks Jul 22, 2025
NET RFQ Request for Quote Scammers Casting Wide Net to Steal Real Goods Jul 21, 2025
Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict Jul 21, 2025
Fake Receipts Generators the rising threat to major retail brands Jul 17, 2025
British spies and SAS named in Afghan data breach Jul 17, 2025
Zyxel security advisory for path traversal vulnerability in APs Jul 15, 2025
Tracking Protestware Spread 28 npm Packages Affected by Payload Targeting Russian-Language Users Jul 15, 2025
Konfety Returns Classic Mobile Threat with New Evasion Techniques Jul 15, 2025
Global Louis Vuitton data breach impacts UK, South Korea, and Turkey Jul 14, 2025
DOGE Denizen Marko Elez Leaked API Key for xAI Jul 14, 2025
Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) Jul 11, 2025
macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App Jul 10, 2025
At last, a use case for AI agents with sky-high ROI Stealing crypto Jul 10, 2025
Asus and Adobe vulnerabilities Jul 10, 2025
Server with Rockerbox Tax Firm Data Exposed 286GB of Records Jul 9, 2025
Risky Bulletin Browser extensions hijacked for web scraping botnet Jul 9, 2025
Attackers Inject Code into WordPress Theme to Redirect Visitors Jul 9, 2025
Animation-Driven Tapjacking on Android Jul 8, 2025
Unmasking Insecure HTTP Data Leaks in Popular Chrome Extensions Jul 5, 2025
Large Language Models (LLMs) Are Falling for Phishing Scams What Happens When AI Gives You the Wrong URL? Jul 1, 2025
Can You Trust that Verified Symbol? Exploiting IDE Extensions is Easier Than it Should Be Jul 1, 2025
Zero-day Bluetooth gap turns millions of headphones into listening stations Jun 26, 2025
Extracting Lines of Interest From Zeek Logs Jun 26, 2025
The Case of Hidden Spam Pages Jun 25, 2025
In the Wild Malware Prototype with Embedded Prompt Injection Jun 25, 2025
Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack Jun 24, 2025
Another Wave North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages Jun 24, 2025
Trix Shots Remote Code Execution on Aviatrix Controller Jun 23, 2025
ConnectUnwise Threat actors abuse ConnectWise as builder for signed malware Jun 23, 2025
Androxgh0st Continues Exploitation Operators Compromise a US University For Hosting C2 Logger Jun 22, 2025
What’s Inside the Massive Chinese Data Leak Jun 18, 2025
Fault Injection – Follow the White Rabbit Jun 18, 2025
Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User Jun 13, 2025
The TokenBreak Attack Jun 12, 2025
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs Jun 12, 2025
GitHub Device Code Phishing Jun 12, 2025
From Trust to Threat Hijacked Discord Invites Used for Multi-Stage Malware Delivery Jun 12, 2025
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data Jun 12, 2025
The Evolution of Linux Binaries in Targeted Cloud Operations Jun 10, 2025
Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account Jun 10, 2025
Peep show 40K IoT cameras worldwide stream secrets to anyone with a browser Jun 10, 2025
Critical Vulnerability Patched in SAP NetWeaver Jun 10, 2025
Blitz Malware A Tale of Game Cheats and Code Repositories Jun 6, 2025
ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware Jun 5, 2025
Same Automated Impersonation for All Jun 4, 2025
Roundcube Webmail under fire critical exploit found after a decade Jun 4, 2025
Fake WordPress Caching Plugin Used to Steal Admin Credentials Jun 4, 2025
Versa Concerto Understanding and Mitigating CVE-2025-34027 Jun 2, 2025
Mark Your Calendar APT41 Innovative Tactics May 28, 2025
The Sharp Taste of Mimo’lette Analyzing Mimo’s Latest Campaign targeting Craft CMS May 27, 2025