Subscribe below for free to get these delivered straight to your inbox
Discover how the China-linked Evasive Panda APT group employs sophisticated DNS poisoning techniques to deliver the potent MgBot malware, targeting organizations with advanced cyber espionage.
Discover how a critical LangChain vulnerability allowed attackers to exfiltrate sensitive secrets from AI systems via arbitrary code execution, and learn about the patch in version 0.0.352.
A severe Cross-Site Scripting (XSS) vulnerability in M-Files allowed attackers to capture session tokens from active users. Learn about the affected versions and crucial updates.
A new PoC exploit, ‘Mongobleed,’ has been released, targeting a critical MongoDB vulnerability that allows unauthenticated access and exposure of sensitive data. Learn about the flaw and essential mitigation steps.
Spotify has filed a lawsuit against Anna’s Archive for unlawfully scraping 86 million copyrighted sound recordings, violating terms of service, and federal law. Learn about the legal action and implications…
Learn about the critical React2Shell RCE vulnerability affecting React Server Components, currently under active exploitation. Understand its impact and immediate mitigation steps for developers.
Discover critical vulnerabilities in TeamViewer’s DEX functionality leading to potential Denial-of-Service attacks and sensitive data exposure. Learn about the risks and essential mitigation steps.
Discover how a cybersecurity breach at the law firm Campbells potentially exposed personal and investment data of Goldman Sachs clients in the Cayman Islands. Learn about the facts of the…
The Fraunhofer Institute for Industrial Engineering (IAO) confirmed a cyberattack in Q4 2024, highlighting the increasing cybersecurity challenges for research institutions. Learn more about this confirmed incident and broader trends.
A newly discovered M-Files vulnerability allows attackers to capture active user session tokens, potentially leading to unauthorized access and data breaches. Learn about the risk and necessary mitigations.
A critical vulnerability, CVE-2025-68664, has been identified in Langchain, enabling attackers to exfiltrate sensitive secrets from connected AI systems. Understand the implications for AI security.
Urgent reports confirm a breach affecting the Trust Wallet Chrome Extension, leading to users reporting millions in cryptocurrency losses. Learn about the incident impacting the digital asset community.
Japanese e-commerce platform 47Club confirms a data breach orchestrated by the SafePay threat actor, impacting customer data and raising cybersecurity concerns.
Cybersecurity experts have identified the COOSEAGROUP ransomware, a new and active threat. Learn about its characteristics, impact, and critical defensive measures to protect your organization’s data.
Explore the React2Shell critical RCE vulnerability (CVE-2025-55182, CVE-2025-66478) affecting React Server Components, its implications, and what developers need to know.
Assolim has confirmed a data breach, impacting sensitive customer and employee information. Learn about the affected data, Assolim’s response, and crucial steps for affected individuals to protect their privacy and…
Malaysian law firm Adnan Sundra & Low (ASL) has officially confirmed a data breach incident, involving unauthorized access to its IT systems and impacting client and personal data. Learn about…
Discover how the US government successfully disrupted a multi-million dollar bank account takeover operation, protecting financial institutions and individuals from significant cybercrime.
The United States has successfully disrupted a multi-million dollar operation focused on taking over bank accounts of American citizens, safeguarding victims and combating financial cybercrime.
The University of Phoenix disclosed a data breach affecting 3.5 million individuals. The incident, attributed to the Cl0p ransomware group, exploited a zero-day vulnerability in Oracle E-Business Suite, compromising personal…
A critical zero-day vulnerability, CVE-2025-14733, affecting WatchGuard Firebox firewalls is currently under active exploitation. Learn about this urgent cybersecurity threat.
Besco Electrical has been identified as a victim of the Qilin ransomware group. Learn about this confirmed incident and the general nature of Qilin’s operations in the cybersecurity landscape.
Assolim, an international facility management group, has experienced a data breach, with the RansomHouse extortion group claiming responsibility. Learn about the incident and its implications.
WatchGuard has alerted users to a critical vulnerability in its Firebox and XTM appliances, which is currently being exploited in the wild. Learn about the flaw and the essential steps…
A critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-37164, has been disclosed in HPE OneView software, posing significant risks. Learn about the details and required actions for this high-severity flaw.
700Credit, a credit reporting service for auto dealers, confirmed a data breach exposing Social Security Numbers of 5.6 million individuals, raising identity theft concerns.
Shinhan Card confirms a data breach impacting over 190,000 card merchant records, detailing the scope of the exposure within its financial network.
Dignity Health Lassen Medical Clinic has notified over 65,000 patients of a data compromise, potentially exposing PHI and PII. Learn about the incident and steps to take.
Lexington Diagnostic Center recently announced a data breach affecting 29,915 patients, exposing sensitive information including Social Security numbers and health data. Learn about the incident and protective measures.
Discover the details of Operation PCPcat, a significant cyber espionage campaign that has successfully breached 59,000 React servers. Learn about the scale and implications of this widespread compromise.
Threat actors are leveraging GitHub repositories to distribute WebRAT malware, camouflaging it as legitimate Proof-of-Concept exploits. Learn about this deceptive tactic and how to protect against it.
Discover the facts surrounding the recent cyberattack on the French Interior Ministry’s email servers, the confirmed breach, and the implications for national security.
CISA, FBI, and international partners have released an updated report on the BRICKSTORM backdoor, providing new indicators of compromise and mitigation strategies for network defenders.
HPE OneView Critical Vulnerability (CVSS 10.0) Disclosed: Immediate Action Required to protect your infrastructure from an authentication bypass flaw granting administrative access.
Learn about the University of Phoenix data breach affecting 3.5 million individuals, linked to the Clop ransomware group’s exploitation of an Oracle EBS zero-day vulnerability.
Discover how the China-linked ‘Ink Dragon’ (APT41) cyber espionage group has expanded its operations, now actively targeting European government entities for intelligence gathering and sensitive information.
Discover how the malicious React2Shell scanner targets cybersecurity researchers, delivering hidden payloads to compromise systems. Learn about this sophisticated threat and its implications for the research community.
Discover the facts about the Assolim data breach, which exposed personal data of millions of users from the Spanish real estate portal. Learn about the exposed information and recommended actions.
A new nOAuth identity risk has been identified, impacting SaaS applications integrated with Microsoft Entra. Learn about this critical cloud security vulnerability and its implications for enterprise identity management.
Discover the facts about the unprecedented Chinese network leak that exposed an astounding 4 billion personal records, highlighting critical concerns for global data privacy and cybersecurity.
You must be logged in to post a comment.