"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute ...

Hackers deliver AsyncRAT using Dropbox URLs and TryCloudflare tunnels, exploiting legitimate services to bypass security ...

Microsoft 365 tenants faced ATO attempts by late 2024, with attackers using HTTP clients like Axios and Node Fetch.

CISA adds four exploited vulnerabilities to its KEV catalog, urging fixes by Feb 25, 2025, to counter active threats ...

24% of companies ran 4+ vulnerability scans in 2024, up from 15% in 2023, showing a shift to continuous monitoring.

A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted ...

CVE-2024-56161 exposes AMD SEV-SNP to malicious microcode attacks, risking VM data integrity. Discovered by Google, rated ...

Malicious Go package exploits Module Mirror caching to grant remote access, evading detection since November 2021.

Crazy Evil, active since 2021, has stolen over $5M via crypto scams, malware like AMOS, and phishing, targeting both Windows ...

The popularity of DeepSeek has also led to it being targeted by "large-scale malicious attacks," with NSFOCUS revealing that ...

Microsoft patched a critical SSRF flaw in Power Platform's SharePoint connector, risking credential theft and data breaches ...

Microsoft fixes CVE-2025-21415 (CVSS 9.9) and CVE-2025-21396 flaws, addressing privilege escalation risks in Azure AI Face ...