Active Exploitation Alert
224 posts

Active Exploitation Alert
Microsoft Patch Tuesday April 2026: Critical Vulnerabilities, RDP and Secure Boot Zero-Days Impacting Windows Systems

Active Exploitation Alert
McGraw-Hill Salesforce Data Breach 2026: Analysis of ShinyHunters Extortion and Cloud Misconfiguration Risks

Active Exploitation Alert
Google Integrates Rust-Based DNS Parser into Pixel 10 Modem Firmware to Strengthen Mobile Security

Active Exploitation Alert
CPUID Supply Chain Attack: STX RAT Malware Distributed via Trojanized CPU-Z and HWMonitor Downloads

Active Exploitation Alert
Adobe Acrobat and Reader CVE-2026-34621: Critical Prototype Pollution Vulnerability Actively Exploited, Urgent Patch Released

Active Exploitation Alert
Warlock Ransomware Exploits Unpatched Microsoft SharePoint and SmarterMail Servers: Tactics, Analysis, and Mitigation Guidance

Active Exploitation Alert
LeakNet Ransomware Exploits ClickFix via Compromised Websites to Attack Windows Environments with Deno In-Memory Loader

Active Exploitation Alert
Konni Targets KakaoTalk Desktop with EndRAT: Multi-Stage Phishing Attack Exploits Social Messaging for Malware Propagation

Active Exploitation Alert
Intuitive Surgical Administrative Network Breach: 2026 Phishing Attack Exposes Employee and Customer Data

Active Exploitation Alert
GlassWorm ForceMemo Campaign: Supply Chain Attack Targets GitHub Python Repositories with Stolen Tokens and Blockchain-Based Malware

Active Exploitation Alert
EU Sanctions on Chinese and Iranian Firms: Raptor Train Botnet, SMS Service, and Olympic Billboard Cyberattacks Targeting European Critical Infrastructure

Active Exploitation Alert
CVE-2026-32746: Critical Unpatched Vulnerability in GNU InetUtils telnetd Enables Unauthenticated Remote Root Code Execution via Port 23

Active Exploitation Alert
Critical AI Vulnerabilities in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and Remote Code Execution

Active Exploitation Alert
Apple Urgent Security Update: CVE-2025-14174 WebKit Same-Origin Policy Bypass Vulnerability Impacts iOS, macOS, Chrome, and Edge

Active Exploitation Alert
VENON Rust Malware Targets Itaú and 32 Other Brazilian Banks with Advanced Credential-Stealing Attacks

Active Exploitation Alert
Veeam Backup & Replication Vulnerabilities: Critical RCE Flaws Patched in Latest Security Update

Active Exploitation Alert
Starbucks Partner Central Data Breach Exposes Sensitive Employee Information in Credential Phishing Attack

Active Exploitation Alert
Iranian CyberAv3ngers Target Unitronics Vision PLCs in US Critical Infrastructure Amid Rising Geopolitical Tensions

Active Exploitation Alert
GlassWorm Supply-Chain Attack Exploits Open VSX Extensions to Target Developer Environments

Active Exploitation Alert
Cyberattack on Poland’s National Centre for Nuclear Research (NCBJ): Attempted Breach of MARIA Reactor IT Systems Thwarted

Active Exploitation Alert
CVE-2026-23813: Critical Authentication Bypass in HPE Aruba AOS-CX Allows Remote Admin Password Reset

Active Exploitation Alert
Chinese Cyber Espionage Targets Southeast Asian Military C4I Systems Using AppleChris and MemFun Malware

Active Exploitation Alert
AppsFlyer Web SDK Supply Chain Attack: Global Crypto-Stealing JavaScript Injection and Mitigation Analysis

Active Exploitation Alert
University of Mississippi Medical Center Restores Epic EHR System After Major Ransomware Attack and Nine-Day Clinic Closure

Active Exploitation Alert
LexisNexis AWS Data Breach 2026: React2Shell Exploit Exposes Legacy Data in Cloud Hack

Active Exploitation Alert
Global Surge: 149 Hacktivist DDoS Attacks Target SCADA and Critical Infrastructure Across 16 Countries After Middle East Conflict

Active Exploitation Alert
Europol Dismantles Tycoon 2FA: Inside the Takedown of a 64,000-Attack Phishing-as-a-Service Platform

Active Exploitation Alert
QuickLens Chrome Extension Supply Chain Attack: Cryptocurrency Theft and ClickFix Malware Campaign Analysis

Active Exploitation Alert
ClawJacked Vulnerability in OpenClaw Allows Malicious Websites to Hijack Local AI Agents and Steal Data

Active Exploitation Alert
AI-Powered Cyberattack Using Claude Code Compromises Mexico’s Tax Authority and Government Agencies in Massive Data Breach

Active Exploitation Alert
South Korean National Tax Service Exposes Ledger Wallet Seed, Leading to $4.8M PRTG Token Theft

Active Exploitation Alert
Canadian Tire E-Commerce Database Breach Exposes Data of 38 Million Customer Accounts in 2025

Active Exploitation Alert
US Sanctions Russian Exploit Broker Operation Zero for Theft and Sale of Zero-Day Exploits Targeting US Systems

Active Exploitation Alert
Trend Micro Apex One On-Premise Critical RCE Vulnerabilities (CVE-2025-54948, CVE-2025-54987) Exploited in the Wild – Urgent Patch Required

Active Exploitation Alert
Olympique Marseille Cyberattack 2026: Club Confirms Attempted Website Breach Amid Supporter Data Leak Claims

Active Exploitation Alert
Google Disrupts UNC2814 GRIDTIDE Malware Abusing Google Sheets API in Global Telecom and Government Espionage Campaign

Active Exploitation Alert
Dohdoor Backdoor Attack: UAT-10027 Targets Windows Systems in U.S. Education and Healthcare Sectors

Active Exploitation Alert
CVE-2026-20127: Critical Zero-Day Exploited in Cisco Catalyst SD-WAN Controller and Manager by Advanced Hackers

Active Exploitation Alert
Critical Cisco SD-WAN Zero-Day (CVE-2026-20127) Enables Remote Admin Access: Active Exploitation and Mitigation Guidance

Active Exploitation Alert
UnsolicitedBooker APT Targets Kyrgyzstan and Tajikistan Telecoms With LuciDoor and MarsSnake Backdoors

Active Exploitation Alert
RustyWater: Iranian MuddyWater APT Targets Israeli Government and Infrastructure With Advanced Rust-Based Malware Amid Rising Tensions
Active Exploitation Alert
Operation MacroMaze: APT28 Exploits Microsoft Office Macros and Webhook[.]site for Spear-Phishing Attacks Against European Critical Infrastructure

Active Exploitation Alert
UNC3886 Cyber Espionage Campaign Exploits Fortinet and VMware Zero-Days to Breach Singapore Telecom Sector

Active Exploitation Alert
UNC1069 Targets Cryptocurrency Organizations with AI Deepfake Lures and Multi-Stage Malware on Windows and macOS

Active Exploitation Alert
Shields Up Initiative: How AI, Zero Trust, and Cloud-Native Security Are Transforming Cyber Defenses

Active Exploitation Alert
Reynolds Ransomware Exploits CVE-2025-68947 in NsecSoft NSecKrnl Driver to Disable Windows EDR Security Tools

Active Exploitation Alert
Exposed MongoDB Servers Remain Prime Targets for Automated Data Extortion Attacks and Vulnerability Exploitation

Active Exploitation Alert
Notepad++ Update Mechanism Hijacked: Supply Chain Attack Delivers Malware to Targeted Users

Active Exploitation Alert
NationStates Data Breach Report: Technical Analysis of the 2026 Dispatch Search Vulnerability and RCE Incident

Active Exploitation Alert
Japan-UK Partnership Strengthens Cybersecurity and Critical Minerals Supply Chains Amid Rising Chinese Influence

Active Exploitation Alert
GlassWorm Supply Chain Attack Exploits Open VSX Registry to Infect VSCode Extensions with Advanced Malware

Active Exploitation Alert
ShinyHunters Vishing Attacks Bypass MFA to Breach Okta, Microsoft 365, and Google Workspace SaaS Platforms

Active Exploitation Alert
RedKitten APT Targets Microsoft Excel Vulnerabilities in Cyber-Espionage Campaign Against Iranian Human Rights NGOs and Activists

Active Exploitation Alert
Ivanti Endpoint Manager Mobile (EPMM) Zero-Day RCE Vulnerabilities (CVE-2023-35078 & CVE-2023-35081) Actively Exploited: Security Updates and Mitigation Guidance

Active Exploitation Alert
Hugging Face Abused to Distribute Polymorphic Android RAT TrustBastion Malware Campaign Targeting Asia-Pacific Users

Active Exploitation Alert
eScan Antivirus Supply Chain Attack: Malicious Update Delivers Malware to South Asian Users

Active Exploitation Alert
CERT Polska Report: Coordinated Cyberattacks Disrupt Poland’s FortiGate-Managed Wind and Solar Farms

Active Exploitation Alert
WhisperPair Bluetooth Fast Pair Vulnerability (CVE-2025-36911) Exposes Millions of Audio Accessories to Remote Hijacking, Eavesdropping, and Location Tracking

Active Exploitation Alert
LOTUSLITE Backdoor Targets U.S. Government and Policy Organizations via Venezuela-Themed Spear Phishing: Mustang Panda Cyber-Espionage Campaign Analysis

Active Exploitation Alert
GootLoader Malware Exploits Windows ZIP Handling with 1,000-Part Nested Archives to Evade Detection

Active Exploitation Alert
CVE-2026-23550: Critical WordPress Modular DS Plugin Vulnerability Actively Exploited for Admin Access

Active Exploitation Alert
Critical XSS Vulnerability in StealC Malware Admin Panel Allows Researchers to Infiltrate and Monitor Threat Actor Operations

Active Exploitation Alert
Critical Fortinet FortiSIEM Vulnerability CVE-2024-23108 Actively Exploited: Risks, Attack Analysis, and Mitigation Steps

Active Exploitation Alert
Critical CVE-2024-20353 Zero-Day Exploited by China-Linked APT Hits Cisco Secure Email Gateway and Secure Email and Web Manager

Active Exploitation Alert
CIRO Data Breach Exposes Sensitive Information of 750,000 Canadian Investors in Major 2025 Cyberattack

Active Exploitation Alert
Zero-Day Vulnerability in Discontinued D-Link Routers Actively Exploited for Remote Code Execution and Botnet Attacks

Active Exploitation Alert
Microsoft 365 and Exchange Vulnerability: How Misconfigured Email Routing Enables Internal Phishing Attacks

Active Exploitation Alert
Critical RCE Vulnerability (CVE-2025-59470) in Veeam Backup & Replication: Patch Released to Prevent Exploitation

Active Exploitation Alert
Transparent Tribe (APT36) Deploys Advanced RAT Attacks Targeting Indian Government and Academic Institutions via LNK and HTA Malware

Active Exploitation Alert
Resecurity Honeypot Incident: Analysis of Scattered Lapsus$ Hunters’ Claimed Breach and Threat Intelligence Effectiveness

Active Exploitation Alert
Kimwolf Botnet: Massive Android TV Box and IoT Malware Threat Exploiting Global Networks

Active Exploitation Alert
Google Cloud Application Integration Exploited in Sophisticated Multi-Stage Phishing Campaign Targeting Microsoft 365 Credentials

Active Exploitation Alert
Covenant Health Qilin Ransomware Breach: Technical Analysis of 2025 Attack Impacting 478,188 Patient Records

Active Exploitation Alert
WebRAT Malware Campaign Targets Security Researchers via Fake CVE Exploit PoCs on GitHub

Active Exploitation Alert
La Poste and La Banque Postale Hit by Pro-Russian Noname057(16) DDoS Cyberattack in December 2025

Active Exploitation Alert
Healthcare Industry Pushes Back on HIPAA Security Rule Overhaul: Impact on Electronic Protected Health Information (ePHI) Systems

Active Exploitation Alert
Fake MAS Windows Activation Domain Infects Windows Systems with Cosmali Loader and XWorm PowerShell Malware

Active Exploitation Alert
Critical CVE-2025-14847 Vulnerability in MongoDB Server: Patch Now to Prevent Remote Code Execution and Data Exposure

Active Exploitation Alert
WatchGuard Fireware OS VPN Vulnerability (CVE-2025-14733) Actively Exploited – Urgent Security Alert and Mitigation Guidance

Active Exploitation Alert
U.S. DOJ Charges 54 in Ploutus Malware ATM Jackpotting Attacks Targeting Diebold Nixdorf and Kalignite Systems

Active Exploitation Alert
Storm-2372: Russia-Linked Hackers Exploit Microsoft 365 Device Code Phishing for Account Takeovers

Active Exploitation Alert
Russian Cyberattacks on Tureby Alkestrup Waterworks and Danish Election Websites: Attribution, Impact, and Mitigation

Active Exploitation Alert
Microsoft 365 Under Attack: OAuth Device Code Phishing Campaigns Bypass MFA and Compromise Accounts (2024–2025)

Active Exploitation Alert
Iranian Infy (Prince of Persia) APT Returns: New Microsoft Windows and Office Malware Campaigns Exploit Telegram-Based C2

Active Exploitation Alert
CVE-2025-14733: Critical WatchGuard Firebox Firewall RCE Vulnerability Actively Exploited in the Wild

Active Exploitation Alert
CountLoader and GachiLoader Malware Targeting Windows Systems via Cracked Software and YouTube Campaigns

Active Exploitation Alert
ArcaneDoor Exploits Cisco ASA/FTD VPNs and Ransomware Groups Target Enterprise Email Services in 2024–2025 Campaigns

Active Exploitation Alert
SonicWall SMA 1000 Zero-Day Attack Chain: CVE-2025-23006 and CVE-2025-40602 Actively Exploited, Patch Now

Active Exploitation Alert
Kimsuky Campaign Uses QR Phishing to Distribute DocSwap Android Malware via Fake CJ Logistics Delivery App

Active Exploitation Alert
CVE-2025-68260: Critical Race Condition in Rust-Based Android Binder Subsystem Affects Linux Kernel 6.18+

Active Exploitation Alert
CVE-2025-55182: Critical React Server Components Vulnerability (React2Shell) Exploited in Ransomware and APT Attacks

Active Exploitation Alert
Cisco AsyncOS Email Security Appliance Zero-Day (CVE-2025-20393) Actively Exploited in Ongoing Attacks

Active Exploitation Alert
CISA Adds Critical ASUS Live Update Supply Chain Vulnerability to KEV After Confirmed Exploitation (CVE-2025-59374)

Active Exploitation Alert
AWS Cryptomining Attack: Threat Intelligence on Stolen IAM Credentials Fueling Large-Scale EC2 & ECS Abuse

Active Exploitation Alert
APT28 Credential Phishing Campaign Targets UKR.net Users: Technical Analysis and Threat Intelligence Report

Active Exploitation Alert
CVE-2025-55182 React2Shell: Chinese APT Groups Exploit Critical React Server Components Vulnerability for Malware Delivery

Active Exploitation Alert
Rescana Threat Intelligence Report: Widespread Exploitation of React Server Components via CVE-2025-55182 (React2Shell)

Active Exploitation Alert
PyStoreRAT Malware Campaign: Fake OSINT and GPT GitHub Repositories Target Security Researchers and Cryptocurrency Users

Active Exploitation Alert
Critical Sierra Wireless AirLink ALEOS Router Vulnerability (CVE-2018-4063) Added to CISA KEV After Active Exploitation Enables Remote Code Execution

Active Exploitation Alert
Apple Urgently Patches WebKit Zero-Day Vulnerabilities Exploited in Targeted Attacks Affecting iOS, macOS, and Safari

Active Exploitation Alert
AI-Driven Phishing Kits Target Microsoft 365 and European Banks with Advanced MFA Bypass Techniques

Active Exploitation Alert
Zero-Click Vulnerability in Perplexity Comet Browser Allows Full Google Drive Deletion via Crafted Emails

Active Exploitation Alert
ShadowMQ Vulnerabilities: Over 30 Critical Flaws in Meta Llama, NVIDIA TensorRT-LLM, vLLM, and Other AI Inference Engines Enable Data Theft and Remote Code Execution

Active Exploitation Alert
React2Shell (CVE-2025-55182): Mass Exploitation of React Server Components and Next.js Threatens 77,000 Systems and 30+ Organizations

Active Exploitation Alert
Critical XXE Vulnerability CVE-2025-66516 (CVSS 10.0) in Apache Tika Enables File Disclosure, SSRF, and Remote Code Execution – Immediate Patch Required

Active Exploitation Alert
Barts Health NHS Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)

Active Exploitation Alert
StealC V2 Infostealer Delivered via Malicious Blender 3D Asset Files: Threat Analysis and Mitigation

Active Exploitation Alert
Shai-Hulud npm Supply Chain Attack: 640 Malicious Packages Compromise JavaScript Ecosystem

Active Exploitation Alert
JackFix Attack Targets Windows and macOS: Advanced Social Engineering Bypasses ClickFix Security Controls

Active Exploitation Alert
Dartmouth College Data Breach: Clop Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)

Active Exploitation Alert
BADBOX 2.0 and Vo1d Botnets: Android TV Streaming Box Infections, Impacted Models, and Mitigation Strategies

Active Exploitation Alert
Tsundere Botnet Targets Windows Users with Fake Game Installers and Ethereum-Based C2 Infrastructure

Active Exploitation Alert
Salesforce Security Incident: Unauthorized Data Access via Compromised Gainsight OAuth Integrations

Active Exploitation Alert
Iberia Airline Club Loyalty Data Exposed in Third-Party Vendor Breach: Incident Analysis and Mitigation Steps

Active Exploitation Alert
Critical Zero-Day Exploited in Oracle Identity Manager (CVE-2025-61757): Pre-Auth RCE Vulnerability Analysis and Mitigation

Active Exploitation Alert
Critical CVE-2025-41115 SCIM Vulnerability in Grafana Enterprise Allows Remote Impersonation and Privilege Escalation

Active Exploitation Alert
Cox Enterprises Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day Vulnerability (CVE-2025-61882)

Active Exploitation Alert
APT31 Exploits Yandex.Browser and Cloud Services in Stealthy Cyberattacks on Russian IT Sector

Active Exploitation Alert
Eurofiber France Customer Data Breach: Hacker Attempts to Sell Compromised Information from Customer Data Systems

Active Exploitation Alert
Critical Zero-Day Exploits Target Cisco ISE and Citrix NetScaler: Amazon Uncovers In-the-Wild Attacks

Active Exploitation Alert
CitrixBleed 2 (CVE-2025-5777) Zero-Day: Critical Memory Leak Hits Citrix NetScaler ADC and Gateway Systems

Active Exploitation Alert
Shai-Hulud Worm Attack Compromises npm Registry: Over 46,000 Malicious Packages and Widespread Credential Theft

Active Exploitation Alert
Critical Vulnerabilities Patched in Mozilla Firefox 145 and Google Chrome 142: Update Now to Prevent Remote Code Execution

Active Exploitation Alert
LANDFALL Android Spyware Exploiting CVE-2025-21042 Zero-Day to Target Samsung Galaxy Devices

Active Exploitation Alert
GlassWorm Malware Infects Visual Studio Code Extensions: Open VSX and GitHub Supply Chain Attack Analysis

Active Exploitation Alert
GlassWorm Malware Infects Thousands via Malicious Visual Studio Code Extensions: Supply Chain Attack Report

Active Exploitation Alert
CVE-2025-12480: Triofox Zero-Day Exploited to Deploy Remote Access Tools via Antivirus Feature Misuse

Active Exploitation Alert
Critical RCE Vulnerability (CVE-2025-12735) in JavaScript Library expr-eval and expr-eval-fork – Risk and Remediation Guide

Active Exploitation Alert
APT37 Exploits Google Find Hub to Wipe Android Devices in Targeted South Korean Attacks

Active Exploitation Alert
Trojanized ESET AV Remover Installers Spread Kalambur Backdoor in Targeted Phishing Attacks on Ukrainian Systems

Active Exploitation Alert
Samsung Galaxy Zero-Day (CVE-2025-21042) Exploited to Deploy LANDFALL Android Spyware via WhatsApp DNG Images

Active Exploitation Alert
Malicious NuGet Packages Plant Time-Delayed Logic Bombs Targeting .NET Database and ICS Systems

Active Exploitation Alert
Landfall Android Spyware Exploits CVE-2025-21042 Zero-Day to Target Samsung Galaxy Devices via WhatsApp

Active Exploitation Alert
GlassWorm Malware Resurfaces: 3 Malicious VSCode Extensions Discovered on OpenVSX Supply Chain

Active Exploitation Alert
Evolving ClickFix Attacks Targeting macOS: Social Engineering, Multi-Platform Payloads, and Credential Theft

Active Exploitation Alert
Congressional Budget Office (CBO) Cisco ASA Firewall Breach: Cyberattack Details, Impact, and Security Measures Implemented

Active Exploitation Alert
Cisco ASA and FTD Firewall Vulnerabilities: Active Exploitation of CVE-2025-20333 and CVE-2025-20362 Enables DoS Attacks and Full Device Compromise

Active Exploitation Alert
University of Pennsylvania PennKey SSO Breach Exposes 1.2 Million Donor Records in Major Data Leak

Active Exploitation Alert
Remote Monitoring and Management (RMM) Tools Exploited in Logistics and Freight Cyberattacks – Rescana Threat Intelligence Report

Active Exploitation Alert
Microsoft Uncovers SesameOp Malware: OpenAI Assistants API Abused for Stealthy Command-and-Control Operations

Active Exploitation Alert
Jabber Zeus Banking Trojan: Ukrainian Developer Extradited to US for Major Windows-Based Cybercrime Operation

Active Exploitation Alert
HttpTroy Backdoor Targets Windows Systems via Fake VPN Invoice in Kimsuky Cyberattack on South Korea

Active Exploitation Alert
GlassWorm Supply-Chain Attack on Open VSX Registry: Technical Analysis and Mitigation of Malicious Extension Incident

Active Exploitation Alert
Fake Solidity VSCode Extension on Open VSX Used to Backdoor Blockchain Developers and Steal Cryptocurrency

Active Exploitation Alert
DigitalMint and Sygnia Cybersecurity Insiders Indicted for ALPHV/BlackCat Ransomware Attacks on Critical U.S. Sectors

Active Exploitation Alert
Crocodilus Android Malware Targets Spain and Turkey: Mutes Alerts and Drains $2.8M in Crypto Wallets

Active Exploitation Alert
Comprehensive Analysis of the $128 Million Balancer V2 DeFi Exploit: Attack Vectors, Impact, and Mitigation Steps

Active Exploitation Alert
Cargo Freight Cyber Heists: Hackers Exploit ScreenConnect and SimpleHelp RMM Tools to Hijack Logistics Shipments

Active Exploitation Alert
University of Pennsylvania ‘We Got Hacked’ Email Incident: Abuse of connect.upenn.edu on Salesforce Marketing Cloud

Active Exploitation Alert
UNC6384 Exploits Windows LNK Vulnerability (CVE-2025-9491) to Target European Diplomatic Entities

Active Exploitation Alert
Russian Ransomware Groups Exploit AdaptixC2: Advanced Attacks Targeting Windows, Linux, and macOS Systems

Active Exploitation Alert
Nation-State Supply Chain Attack: Ribbon Communications IT Network Breach Exposes Telecom Sector Vulnerabilities

Active Exploitation Alert
Meduza Stealer Malware: Russian Authorities Arrest Suspected Operators After Astrakhan Government Data Breach

Active Exploitation Alert
China-Linked Tick Group Exploits Lanscope Endpoint Manager Zero-Day (CVE-2025-61932) in Targeted Attacks

Active Exploitation Alert
Airstalk Malware Exploits VMware Workspace ONE UEM APIs in Sophisticated Nation-State Supply Chain Attack

Active Exploitation Alert
Qilin (Agenda) Ransomware Targets Windows and Linux with Hybrid BYOVD Exploit and Cross-Platform Payloads

Active Exploitation Alert
Smishing Triad Exploits SMS Phishing to Target USPS, E-ZPass, IRS, and Financial Systems Using 194,000 Malicious Domains Globally

Active Exploitation Alert
North Korean Lazarus Group Uses Trojanized MuPDF and Notepad++ Plugins to Target European UAV and Drone Technology Firms

Active Exploitation Alert
GlassWorm Supply Chain Attack: Self-Spreading Malware Infects Visual Studio Code (VS Code) Extensions via OpenVSX and Microsoft Marketplace

Active Exploitation Alert
Critical CVE-2025-59287 Vulnerability in Microsoft WSUS: Emergency Patch Issued to Prevent Remote Code Execution

Active Exploitation Alert
CoPhish Attack Exploits Microsoft Copilot Studio to Steal OAuth Tokens via Malicious Agents

Active Exploitation Alert
APT36 Deploys Golang DeskRAT Malware via Phishing Against Indian Government Linux Systems

Active Exploitation Alert
TikTok ClickFix Attacks Targeting Windows Users: Infostealer Malware Delivered via PowerShell Social Engineering

Active Exploitation Alert
MSS Accuses NSA of Multi-Stage Cyberattack Using 42 Tools Against China’s National Time Service Center (NTSC)

Active Exploitation Alert
Critical CVE-2025-54957 Dolby Decoder Vulnerability Enables Zero-Click RCE Attacks on Android Devices

Active Exploitation Alert
China Accuses US NSA of Cyberattacks Targeting National Time Service Center (2022-2024)

Active Exploitation Alert
Zendesk Email Bomb Attacks: Exploiting Lax Authentication and Anonymous Ticket Creation

Active Exploitation Alert
Silver Fox Expands Winos 4.0 (ValleyRAT) and HoldingHands RAT Cyber Attacks to Japan and Malaysia

Active Exploitation Alert
North Korean APTs Target Node.js Ecosystem: BeaverTail-OtterCookie JavaScript Malware Exploits npm Supply Chain and Developer Tools

Active Exploitation Alert
Microsoft Teams Targeted: Vanilla Tempest Abuses Azure Certificates in Ransomware Attack Disrupted by Microsoft

Active Exploitation Alert
Microsoft Teams Targeted in Rhysida Ransomware Campaign: Over 200 Fraudulent Certificates Revoked by Microsoft

Active Exploitation Alert
Europol Dismantles SIMCARTEL SIM Box Network Used for Mass Fake Account Creation and Global Cybercrime

Active Exploitation Alert
Envoy Air Data Breach: Clop Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)

Active Exploitation Alert
Critical WatchGuard Fireware OS VPN Vulnerability (CVE-2025-9242) Allows Unauthenticated Remote Device Takeover

Active Exploitation Alert
Critical CVEs Impacting ConnectWise Automate: Urgent Patch Required to Prevent AiTM Update Attacks

Active Exploitation Alert
CAPI Backdoor: New .NET Malware Targets Windows Systems in Russian Automotive and E-Commerce Sectors via Phishing ZIP Files

Active Exploitation Alert
Pixnapping (CVE-2025-48561): Critical Android Vulnerability Enables Stealthy Theft of 2FA Codes and Sensitive On-Screen Data

Active Exploitation Alert
Oracle E-Business Suite Zero-Day Exploit Leaked by ShinyHunters: CVE-2025-61884 Analysis and Mitigation Guide

Active Exploitation Alert
Microsoft Edge IE Mode Exploited as Backdoor: Zero-Day Vulnerability Forces Emergency Restrictions

Active Exploitation Alert
Malicious Crypto-Stealing VSCode Extensions Target OpenVSX and AI Code Editors: Threat Analysis and Mitigation

Active Exploitation Alert
Flax Typhoon Exploits ArcGIS Servers: Chinese APT Turns SOE Into Persistent Backdoor

Active Exploitation Alert
Comprehensive Analysis of TA585’s MonsterV2 Malware: Attack Chain, Technical Innovations, and Risks to Windows Systems

Active Exploitation Alert
Zimbra CVE-2025-27915 Zero-Day Exploited via Malicious ICS Files to Breach Brazilian Military Systems

Active Exploitation Alert
Chinese Cybercrime Group Exploits IIS Servers Worldwide for SEO Fraud and Credential Theft

Active Exploitation Alert
China-Linked PlugX and Bookworm Attacks on Huawei U2000 Telecom Systems in ASEAN – In-Depth Cyber Threat Analysis

Active Exploitation Alert
New COLDRIVER Malware Campaign Targets Windows Systems: BO Team and Bearlyfy Join Russia-Focused Cyberattacks

Active Exploitation Alert
Fortra GoAnywhere Zero-Day CVSS 10 Exploit: In-Depth Analysis and Mitigation Strategies

Active Exploitation Alert
Fake Microsoft Teams Installers Delivering Oyster Malware via Malvertising: Comprehensive Threat Analysis for Microsoft Teams

Active Exploitation Alert
Crash Testing BAS: How Behavioral Analytics Security Validates Real-Time Cyber Defense

Active Exploitation Alert
Comprehensive Cybersecurity Report: Cisco ASA Firewall Zero-Day Exploits Using RayInitiator and LINE VIPER Malware

Active Exploitation Alert
Unmasking GPT-4-Powered MalTerminal Malware’s Ransomware and Reverse Shell Exploitation

Active Exploitation Alert
UNC1549 Cyber Attack: LinkedIn Job Lures & MINIBIKE Malware Breach Telecom Remote Management Systems in 11 Firms

Active Exploitation Alert
ShadowLeak Vulnerability: ChatGPT Deep Research Agent Flaw Enables Invisible Gmail Email Theft

Active Exploitation Alert
Russian Hackers Gamaredon and Turla Deploy Kazuar Backdoor Against Ukrainian Government Secure Workstation

Active Exploitation Alert
Fortra's Critical Patch Mitigates CVSS 10.0 Remote Code Execution Vulnerability in GoAnywhere MFT

Active Exploitation Alert
Canada Dismantles TradeOgre Exchange: $40 Million in Cryptocurrency Seized in Landmark Cybersecurity Operation

Active Exploitation Alert
Shai-Hulud Worm Targets NPM Ecosystem, Stealing Secrets from 180+ Packages

Active Exploitation Alert
Scattered Spider Resurgence: Financial Sector Targeted with Microsoft Exchange Server Vulnerabilities

Active Exploitation Alert
InsightLock Ransomware Breach: How VC Giant Insight Partners’ Critical Systems Were Compromised

Active Exploitation Alert
Samsung Android Secure Boot & Kernel Integrity Patched: CVE-2025-21043 Zero-Day Exploit Fixed

Active Exploitation Alert
CVE-2025-5086 in DELMIA Apriso: Critical Vulnerability Actively Exploited with CISA Warning and Mitigation Strategies

Active Exploitation Alert
Comprehensive Analysis of DELMIA Factory Software Vulnerability Exploited in Cyber Attacks: Trends, Impact, and Mitigation Strategies

Active Exploitation Alert
Mitigating the Scattered Spider Vulnerability in Chrome V8, Firefox SpiderMonkey, and Safari WebKit

Active Exploitation Alert
Sni5Gect Attack Exposes 5G Signaling Flaws in SX-5G Systems, Crashing Phones and Forcing 4G Downgrades

Active Exploitation Alert
Citrix Gear Zero-Day Vulnerability Exploited for Unauthenticated RCE: Comprehensive Analysis and Mitigation Guide

Active Exploitation Alert
North Korea Cyber Espionage: GitHub Enterprise Server Attacked via Diplomat IT Worker Scheme Impacting 320+ Firms

Active Exploitation Alert
High-Severity Vulnerabilities Patched in Google Chrome V8 Engine and Mozilla Firefox Rendering Engine: Exploitation Analysis and Mitigation Strategies

Active Exploitation Alert
Swagger UI 1.0.3 Remote Cross-Site Scripting (XSS) Vulnerability: Comprehensive Analysis, Exploitation Insights, and Mitigation Strategies

Active Exploitation Alert
CL-STA-0969: Covert Malware Targeting Cisco Unified Communications Manager in Telecom Networks During a 10-Month Espionage Campaign

Active Exploitation Alert
UNC2891 ATM Network Breach: 4G Raspberry Pi Implant Enables CAKETAP Rootkit Exploit

Active Exploitation Alert
Critical CVE‑2025‑5394 Exploitation of the Alone WordPress Theme Enables Remote Plugin Hijacking

Active Exploitation Alert
SonicWall SMA 100 Critical Vulnerability Patched: In-Depth Analysis of Malware Attacks and Mitigation Strategies

Active Exploitation Alert
Critical Mitel Authentication Bypass Vulnerability: How Hackers Gain Full Access to MiVoice MX-ONE Systems

Active Exploitation Alert
Stealth Backdoor Exploits in WordPress Mu-Plugins for Persistent Admin Access

Active Exploitation Alert
Microsoft Patches ToolShell Zero-Day Exploit in SharePoint Server (CVE-2025-53770): In-Depth Threat Analysis

Active Exploitation Alert
CERT-UA Uncovers LAMEHUG Malware in Legacy Email Client Software: APT28 Leverages LLM for Advanced Phishing Campaign

Active Exploitation Alert
Popular npm Linter Packages Compromised by Phishing: Detailed Malware Dropper Attack Analysis

Active Exploitation Alert
PoisonSeed Attacker Exploit Exposes Critical Vulnerabilities in FIDO Server Software and Key Firmware

Active Exploitation Alert
China-linked APT Salt Typhoon Exploits Cisco IOS XE Vulnerabilities in Canadian Telecom Systems

Active Exploitation Alert
Critical FortiOS and FortiProxy Zero-Day Vulnerability CVE-2024-55591 Exploited in the Wild

Active Exploitation Alert
ServiceNow Vulnerabilities: Critical Exploits Impacting Israel and Global Systems

Active Exploitation Alert
Global Alert: CVE-2024-27564 Vulnerability in OpenAI ChatGPT Threatens Critical Sectors

Active Exploitation Alert
Lumma Stealer Click Fix Attack: Threat Analysis and Mitigation for Windows Systems
