- New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
- Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
- CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
- Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
- PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
- Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
- Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
- New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
- 150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
- CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
- NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
- New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
- RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
- Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks
- Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
- How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
- Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
- New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround
- Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
- INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
- Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
- VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
- VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
- How to Balance Password Security Against User Experience
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
- GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
- U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
- UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
- Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
- China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
- 10 Critical Network Pentest Findings IT Teams Overlook
- Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
- YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
- Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
- How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
- Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data
- Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers