Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools ...

DoJ disrupts DanaBot malware after 300K infections and $50M damage; 16 charged in Russia-linked cybercrime ring.

Latrodectus malware evades detection with ClickFix technique; TikTok and fake Ledger apps expand threat reach.

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique ...

Operation Endgame dismantled 300 servers and seized €3.5M crypto, disrupting ransomware access networks globally.

SafeLine WAF delivers 99.45% threat detection via semantic analysis + full self-hosted control + zero subscription fees.

CISA, which added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog in late April 2025, said it's continuing to ...

Three critical Versa Concerto flaws disclosed after 90 days allow remote code execution via reverse proxy misconfigurations.

Indirect prompt injection in GitLab Duo exposed private source code and inserted malicious HTML into AI responses, risking ...

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched ...

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. "The ClickFix technique is particularly risky ...

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell.