Author: Mash

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in the Sudo command-line utility to its [...]

Microsoft has removed a compatibility block that was preventing certain Intel-based PCs from upgrading to Windows 11 version 24H2. The [...]

Cybercriminals are using search engine advertisements and SEO poisoning to distribute a fake Microsoft Teams installer that installs the Oyster [...]

A maximum-severity vulnerability in Fortra's GoAnywhere managed file transfer (MFT) software is being actively exploited by attackers. Tracked as CVE-2025-10035, [...]

A new version of the XCSSET malware is being used in limited attacks against macOS developers, according to Microsoft Threat [...]

Cisco has issued security updates to fix a high-severity zero-day vulnerability, tracked as CVE-2025-20352, which is being actively exploited in [...]

SonicWall has released a critical firmware update designed to eradicate a previously unknown rootkit called OVERSTEP from its Secure Mobile [...]

A ransomware attack targeting critical airport systems caused significant disruptions at several major European airports over the weekend. The incident [...]

A new native feature in Windows 11 will allow users to set video files as their desktop background, with the [...]

Security researchers have identified what may be the earliest known malware embedded with a large language model, dubbed MalTerminal. This [...]

A critical zero-click vulnerability, named ShadowLeak, has been discovered in OpenAI’s ChatGPT Deep Research agent, allowing attackers to extract sensitive [...]

The operators behind the SystemBC proxy botnet are actively targeting vulnerable commercial virtual private servers (VPS) to maintain a network [...]

The threat group TA558, also tracked as RevengeHotels, is using AI-generated scripts in a new campaign targeting hotels in Brazil [...]

A self-propagating supply chain attack has compromised at least 187 npm packages, beginning with the popular @ctrl/tinycolor library, which receives [...]

Google has confirmed that cybercriminals created a fraudulent account within its Law Enforcement Request System (LERS), a platform used by [...]

A new phishing-as-a-service platform named VoidProxy is targeting Microsoft 365 and Google accounts, even when protected by third-party single sign-on [...]

A threat actor known as WhiteCobra is distributing fraudulent extensions across the Visual Studio Marketplace and OpenVSX registry, targeting developers [...]

A recently identified ransomware variant, named HybridPetya, mimics the behavior of the infamous Petya/NotPetya malware but adds the capability to [...]

Microsoft has eliminated the registration fee for individual developers who want to publish their applications on the Microsoft Store. This [...]

A security vulnerability in the Cursor AI code editor could allow malicious repositories to automatically execute harmful code as soon [...]

A malfunction in Microsoft’s anti-spam service is mistakenly flagging legitimate URLs as malicious, preventing users from opening links in Exchange [...]

A new malware operation, dubbed GPUGate, is using malicious Google Ads and counterfeit GitHub commit pages to target IT and [...]

Cybercriminals are exploiting iCloud Calendar's invitation system to distribute fraudulent emails that appear to originate directly from Apple's official servers. [...]

VirusTotal's AI Code Insight feature has uncovered a previously undetected phishing operation that uses SVG image files to impersonate Colombia's [...]

Cybercriminals are actively exploiting a zero-day vulnerability in older Sitecore systems to install WeepSteel malware, a reconnaissance backdoor. This security [...]

A new offensive security framework named HexStrike-AI is being actively used by hackers to quickly weaponize recently disclosed security flaws. [...]

Zscaler disclosed a security breach after attackers accessed its Salesforce environment through stolen OAuth and refresh tokens from Salesloft Drift, [...]

Hackers are exploiting Meta’s ad network with fraudulent promotions of a free TradingView Premium app that secretly installs the Brokewell [...]

Microsoft has moved Windows 11 version 25H2 to the Release Preview Channel, the final stage before its full rollout later [...]

Researchers have uncovered that the Chrome extension FreeVPN.One, installed over 100,000 times and even labeled as “featured” in the Chrome [...]

Cybercriminals are distributing the TamperedChef information-stealing malware by promoting a fake PDF editing tool called AppSuite PDF Editor through Google [...]

Microsoft has released the Windows 11 KB5064081 preview cumulative update for version 24H2, introducing 36 features and changes. As part [...]

Over 28,000 Citrix NetScaler ADC and Gateway devices remain exposed to a critical remote code execution flaw (CVE-2025-7775) that is [...]

Google is rolling out a new security initiative called Developer Verification to reduce malware risks, especially from sideloaded apps obtained [...]

A critical security issue in Google’s Gemini CLI tool allowed attackers to stealthily run malicious commands and steal data through [...]

A newly discovered Android spyware, tracked as Android.Backdoor.916.origin, is masquerading as an antivirus allegedly from Russia’s Federal Security Service (FSB) [...]

A newly discovered Mac malware named Shamos is being spread through deceptive ClickFix attacks that disguise themselves as troubleshooting guides [...]

Microsoft is experimenting with a new Edge feature called Journeys, designed to transform browsing history into organized summaries. However, early [...]

A new study has shown that agentic AI browsers, which can independently shop, book tickets, and manage accounts, are highly [...]

A critical flaw in Ollama Desktop v0.10.0, an open-source tool for running large language models locally, allowed attackers to hijack [...]