Arctic Wolf has identified a surge in automated attacks targeting Fortinet's FortiGate devices, exploiting critical vulnerabilities that allow unauthorized SSO logins. This breach not only...
Gmail's recent malfunction highlights a critical flaw in its email filtering system, leading to improper inbox classifications and increased spam exposure. As users grapple with...
A critical misconfiguration in AWS CodeBuild exposed its GitHub repositories to potential takeover, revealing a stark vulnerability in CI pipelines. This oversight not only jeopardizes...
Despite Microsoft’s extensive January patch rollout addressing 113 vulnerabilities, a critical flaw (CVE-2026-20805) in the Desktop Window Manager is already being exploited. This situation underscores...
The rise of the AISURU/Kimwolf botnets represents a troubling evolution in cybercrime, leveraging millions of compromised Android devices as unknowing participants in DDoS attacks. This...
Sean Plankey’s renomination as CISA director may provide a glimmer of hope, yet the ongoing legislative paralysis over cyber threat information sharing and funding for...
Ukraine's CERT-UA has revealed sophisticated cyber attacks targeting its defense sector, leveraging malware like PLUGGYAPE. Russian group Void Blizzard's tactics—using popular messaging apps and impersonating...
Ransomware actors have shifted tactics, targeting compliance gaps alongside data breaches. This "compliance extortion" intensifies pressure on businesses, forcing them to navigate between hefty ransom...
A malicious Chrome extension, disguised as a trading tool for MEXC, exploits authenticated sessions to steal API keys with withdrawal permissions. This breach not only...
MuddyWater's latest spear-phishing campaign, leveraging the RustyWater implant, signifies a troubling shift in cybersecurity threats. By eschewing conventional remote access tools for sophisticated Rust-based malware,...
A newly uncovered vulnerability in outdated D-Link DSL routers reveals a severe flaw allowing unauthenticated remote code execution via the "dnscfg.cgi" endpoint. As these legacy...
The recent 10.0 severity vulnerability in n8n exposes organizations to catastrophic risks, allowing attackers to seize control of integrated systems and sensitive data. This breach...
