Nation-state intrusions. Deepfake-ready malware. AI-powered influence ops. New CVEs, old threats reborn, and spyware with ...

Stolen credentials remain the top attack vector + Google’s MFA and access controls reduce breach risk + Identity is now the ...

It's currently not known in what context the vulnerability is being exploited, but the development makes it the second ...

Golden Chickens launch TerraStealerV2 and TerraLogger; both still developing but actively steal data via OCX payloads.

Microsoft disclosed a record 1,360 vulnerabilities in 2024 + Critical bugs dropped to 78 + Risks shift toward EoP, cloud, and ...

The vulnerabilities, in a nutshell, could enable zero- or one-click remote code execution (RCE), access control list (ACL) and user interaction bypass, local arbitrary file read, information ...

Leonidas Varagiannis (aka War), 21, and Prasan Nepal (aka Trippy), 20, the two alleged leaders of a child extortion group 764 ...

Malicious Go and PyPI packages use Gmail and wget to exfiltrate data, wipe Linux disks, and hijack crypto credentials.

Iranian threat actor Lemon Sandstorm accessed Middle East CNI from 2023–2025 using VPN flaws, web shells, and 8 custom tools.

"Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. "New users ...

Stealth malware MintsLoader delivers GhostWeaver RAT + Evades sandboxes using DGA + Powers data theft via encrypted C2 ...

NDR solutions uncover hidden threats missed by legacy tools by analyzing encrypted traffic, lateral movement, and blind spots ...