Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Entra ID Data Protection: Essential or Overkill
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
TikTok Slammed With '530 Million GDPR Fine for Sending E.U. Data to China
How to Automate CVE and Vulnerability Advisory Response with Tines
MintsLoader Drops GhostWeaver via Phishing, ClickFix ' Uses DGA, TLS for Stealth Attacks
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Why top SOC teams are shifting to Network Detection and Response
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don't Know About
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
Product Walkthrough: Securing Microsoft Copilot with Reco
Google Reports 75 Zero-Days Exploited in 2024 ' 44% Targeted Enterprise Security Products
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database
Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
How Breaches Start: Breaking Down 5 Real Vulns
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
Why NHIs Are Security's Most Dangerous Blind Spot
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
159 CVEs Exploited in Q1 2025 ' 28.3% Within 24 Hours of Disclosure
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices
Three Reasons Why the Browser is Best for Stopping Phishing Attacks
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
5 Major Concerns With Employees Using The Browser
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Akin Mabogunje: Facets of his legacy Part 1 - Guardian
Are Africas partners sustainable development compliant - Guardian
Christopher Musa: Beacon of hope in Nigerias defence architecture - Guardian
Enough of marching orders - Guardian
Nigeria: Flood water attack from Cameroun - Guardian
Now that Ayo Adebanjo has been buried - Guardian
Papa T, Baby T and the Jagabans - Guardian
Prepare for war on truth - Guardian
Tale of Seyi Tinubu, NANS and Isa Atiku Abubakar - Guardian
Thoughts on the global Britain - Guardian
Why visibility matters more than ever in academics! - Guardian