The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting ...

The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, ...

A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could ...

Add support for GZip compression in the Processing URI schema for sketches. Right now, encoded sketches are stored as raw base64, which produces very long strings. Allowing sketches to be compressed ...

The new variant of Docker-targeting malware skips cryptomining in favor of persistence, backdoors, and even blocking rivals ...

There is an issue in Bruno when sending requests that include base64-encoded content. The request executes successfully only the first time, but once any modification is made to the base64 string ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

VirusTotal has used its AI Code Insight tool to uncover a year-long malware campaign that hid within SVG files to evade ...

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS ...

Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd ...

Ziyue Wang (Nanjing) and Liyi Zhou (Sydney) have expanded upon prior work dubbed A1, an AI agent that can develop exploits ...

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the ...