Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
CISA added CVE-2026-45659 SharePoint Server RCE to KEV following confirmed exploitation, requiring U.S. agencies to patch by ...
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. Dubbed "Operation Highland, ...
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Woodgnat, an IAB for Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta ransomware, is using Mistic RAT in new attacks.
Last week the car maker Polestar announced that the U.S. Department of Commerce’s Bureau of Industry and Security denied it ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
"Utterly bogus." The post Surprise! Meta Says Now You Have to Pay a Monthly Subscription to Use Key Features of Your Already ...