Iranian cyber group UNC1549 hacked 11 telecom firms, deploying Azure-hosted MINIBIKE malware through LinkedIn lures to steal ...

CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code ...

Fortra fixes CVE-2025-10035, a CVSS 10.0 deserialization flaw in GoAnywhere MFT; update to version 7.8.4 to block remote ...

REM Proxy’s SystemBC botnet infects 1,500 VPS daily across 80 C2 servers, with 40% unpatched for over 31 days, exposing ...

ESET confirms Russian hackers Gamaredon and Turla joined forces in Feb 2025 to deploy the Kazuar backdoor on Ukrainian ...

Two UK teens tied to Scattered Spider’s $115M ransomware attacks face U.S. fraud charges and potential 95-year sentence for ...

The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries.

SonicWall breach exposed backup files of under 5% customers, prompting password resets to prevent firewall exploitation.

CountLoader enables Russian ransomware gangs to deploy Cobalt Strike and PureHVNC RAT via Ukraine phishing campaigns.

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...

Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day vulnerability in ...

Microsoft and Cloudflare seized 338 RaccoonO365 domains in September 2025, disrupting phishing attacks stealing 5,000 ...