- WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
- New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
- AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
- Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
- Non-Human Identities: How to Address the Expanding Security Risk
- ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
- Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
- Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
- 295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
- INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
- Why DNS Security Is Your First Defense Against Cyber Attacks?
- SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
- How to Build a Lean Security Model: 5 Lessons from River Island
- Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
- Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps
- Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
- FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware
- Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
- The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
- Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account
- Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises
- CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog
- Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
- Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
- ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
- Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise
- OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups
- New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
- Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
- New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
- Empower Users and Protect Against GenAI Data Loss
- Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam
- Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
- New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
- Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
- Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands
- Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation
- Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware
- DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
- Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
- Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
- Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
- Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
- Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
- HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
- Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
- Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
- Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
- Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
- Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues
