"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...

State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.

Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.

The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...

The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

Russian APT Secret Blizzard uses ISP-level AitM attacks to deploy ApolloShadow malware on embassy devices in Moscow.

SentinelOne boosts enterprise cyber defense with AI-powered endpoint security, cutting response time and risk across ...

In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...

While SaaS-based SIEMs are marketed as a natural evolution, they often fall short of their on-prem predecessors in practice.

UNC4899 used job lures and cloud exploits to breach two firms, steal crypto, and embed malware in open source.

China-linked firms behind Silk Typhoon filed patents for cyber tools, revealing links to MSS and offensive hacking ops.