npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.

CrushFTP flaw CVE-2025-54309 exploited in wild, giving attackers admin access. Older builds before July 1 are at high risk ...

APT28 targets Ukrainian government officials with a phishing campaign delivering LAMEHUG malware, utilizing Alibaba Cloud’s ...

The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by ...

The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information ...

This article discusses why IT leaders must think beyond backup and embrace cyber resilience to survive and thrive in the ...

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 ...

Critical NVIDIA vulnerability CVE-2025-23266 impacts 37% of cloud services, allowing privilege escalation and data tampering.

"The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open ...

Discover how CTEM, VM, and ASM work together to enhance cybersecurity, providing real-time visibility and proactive threat ...

A new attack uses CVE-2021-41773 in Apache HTTP Server to install a cryptocurrency miner via compromised websites.

Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors | Read more hacking news on The ...