In a new security advisory, CISA said it was tipped off on cybercriminals using CVE-2025-4427, and CVE-2025-4428 - both ...

CISA releases detailed analysis of malware exploiting Ivanti EPMM vulnerabilities CVE-2025-4427 and CVE-2025-4428, providing ...

Huntress analysts discovered a previously unseen ransomware variant, Obscura, spreading from a victim company's domain controller. Learn how Obscura works—and what it means for defenders—in this ...

ShadowLeak zero-click flaw in ChatGPT Deep Research leaks Gmail data via hidden HTML prompts, bypassing security ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks ...

OS users are being tricked in the ongoing campaign with fake GitHub pages that deliver the Atomic infostealer.

Using a combination of different manipulation techniques, the OpenAI-LLM was tricked into leaking private data. What did Sam Altman know about it?

CVE-2025-4427 is an authentication bypass vulnerability and CVE-2025-4428 is a post-authentication remote code execution (RCE ...

A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm ...

ESET researchers reveal how the notorious APT group Turla collaborates with fellow FSB-associated group known as Gamaredon to ...

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...

ClickFix typically asks the victim to perform a fake CAPTCHA test. FileFix tricks the user into copying and pasting a command ...