Author: Mash

A malicious campaign on the official VSCode Marketplace has been distributing 19 extensions that contain hidden malware within their bundled [...]

A new Android malware named DroidLock is targeting Spanish-speaking users by locking their devices and demanding a ransom. Distributed through [...]

Multiple prominent ransomware gangs are utilizing a packer-as-a-service platform called Shanya to conceal and deploy malware designed to disable endpoint [...]

Microsoft has removed a significant barrier for its Windows 11-exclusive security feature, Smart App Control, by eliminating the mandatory clean [...]

Cloudflare experienced a major global outage today, causing widespread "500 Internal Server Error" messages for many websites. The company has [...]

A command injection vulnerability in Array Networks AG Series VPN appliances is being actively exploited by attackers to deploy webshells [...]

Microsoft has issued the KB5070311 optional preview update for Windows 11, addressing 49 known issues, including significant problems with File [...]

A persistent malware operation dubbed "ShadyPanda" has infected over 4.3 million users through malicious browser extensions on Google Chrome and [...]

A new vulnerability dubbed "HashJack" allows attackers to conceal malicious instructions within the fragment identifier (the part following a '#' [...]

Microsoft has confirmed that recent Windows 11 updates are causing the password sign-in option to disappear from the lock screen [...]

A high-severity vulnerability has been discovered in the widely used 'node-forge' JavaScript cryptography library, enabling attackers to bypass digital signature [...]

A new campaign linked to Russian threat actors is distributing the StealC V2 information-stealing malware by hiding it within malicious [...]

A recent investigation into a Qilin ransomware attack demonstrated how security analysts can reconstruct an incident even with severely limited [...]

Security researchers successfully compiled a database of 3.5 billion WhatsApp user accounts by exploiting an API endpoint that lacked rate-limiting [...]

Nvidia has confirmed that recent Windows security updates from October 2025 are causing performance degradation in games running on Windows [...]

A sophisticated new Android banking trojan named Sturnus has been discovered, capable of stealing credentials and enabling full remote control [...]

A severe security flaw in the popular W3 Total Cache (W3TC) WordPress plugin enables unauthenticated attackers to execute arbitrary PHP [...]

Microsoft has announced that the System Monitor (Sysmon) tool will be directly integrated into future versions of Windows 11 and [...]

Google has released an urgent security update for its Chrome browser to address a zero-day vulnerability that is being actively [...]

Google will soon begin flagging Android applications on the Play Store that exhibit high background activity and cause significant battery [...]

Microsoft is addressing a known issue where the first extended security update (ESU) for Windows 10, KB5068781, fails to install [...]

AMD has confirmed a high-severity vulnerability within the RDSEED instruction of its latest Zen 5 architecture CPUs, which compromises the [...]

A self-propagating worm, dubbed 'IndonesianFoods,' is spamming the npm registry by automatically generating and publishing new packages at an alarming [...]

The DanaBot malware has reemerged in a new version after a six-month hiatus following a major international law enforcement operation. [...]

A critical vulnerability in the Triofox file-sharing platform is being actively exploited by a threat actor to gain full system [...]

Three newly discovered vulnerabilities in the runC container runtime could allow attackers to break out of container isolation and gain [...]

With Windows 10 having reached its official end of support on October 14, 2025, users must enroll in the Extended [...]

A newly identified spyware, dubbed LandFall, was deployed by exploiting a zero-day vulnerability in Samsung's Android image processing library. The [...]

Google's Threat Intelligence Group has identified a significant trend where cybercriminals are now using large language models (LLMs) to create [...]

A critical vulnerability in the popular Post SMTP WordPress plugin is being actively exploited by hackers to hijack administrator accounts [...]

Microsoft has acknowledged a bug in an optional Windows 11 update that prevents the Task Manager from closing properly. After [...]

Facing financial pressures, OpenAI is internally debating the introduction of advertisements on its ChatGPT platform. Despite a massive user base [...]

A Chinese state-sponsored threat group, known as UNC6384 or Mustang Panda, is actively using a Windows zero-day vulnerability to spy [...]

A significant surge in Near-Field Communication (NFC) relay malware is targeting Android users, primarily in Eastern Europe, with over 760 [...]

Security researchers have identified ten malicious packages on the npm registry that deploy a sophisticated information stealer capable of targeting [...]

Starting with Chrome 154 in October 2026, Google's browser will ask for user permission by default before connecting to any [...]

A critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is now being actively exploited in the wild, [...]

Cybercriminals are repurposing the open-source RedTiger penetration testing suite to create an information-stealing malware that primarily targets Discord users. The [...]

A novel phishing method named 'CoPhish' exploits Microsoft Copilot Studio to deliver fraudulent OAuth consent prompts from legitimate Microsoft domains. [...]

A large-scale exploitation campaign is targeting WordPress websites using outdated versions of the GutenKit and Hunk Companion plugins. Attackers are [...]