Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus ...
Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
SolarWinds fixes four critical CVSS 9.1 vulnerabilities in Serv-U 15.5 that could allow root code execution with ...
Ex-L3Harris employee sentenced to 7 years for selling 8 zero-days to Russian broker; U.S. sanctions Operation Zero and ...
Execution-based triage cuts MTTR by 21 minutes, reduces escalations 30%, and exposes full attack chains in under 60 seconds.
CYBER360 report warns over half of national security groups rely on manual data transfers, exposing mission-critical vulnerabilities.
SLH pays $500–$1,000 per call to recruit women for vishing, targeting IT help desks and MFA resets to breach Azure and deploy ransomware.
CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and ...
Lazarus Group used Medusa ransomware in Middle East and U.S. healthcare attacks, with average $260,000 demands and 366 ...
UnsolicitedBooker targets Central Asian telecoms with LuciDoor and MarsSnake, while PseudoSticky and Cloud Atlas hit Russia.
Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results