TA416 targeted European governments from mid-2025 using PlugX and OAuth abuse, enabling cyber espionage against EU and NATO ...

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...

Third parties cause 30% of breaches in 2025, with $4.91M average costs, driving $18.7B TPRM growth by 2030 and stricter ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, ...

Drift lost $285M on April 1, 2026 after nonce-based social engineering enabled admin takeover, exposing DPRK-linked crypto ...

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

Cisco patches two 9.8 CVSS flaws (CVE-2026-20093, CVE-2026-20160), preventing authentication bypass and root access.

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.

REF1695 spreads RATs and miners since Nov 2023 via ISO lures, earning 27.88 XMR across four wallets through cryptomining and ...

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

In December 2025, TechCrunch reported that SIO was behind a set of malicious Android apps that masqueraded as WhatsApp and ...