Author: Mash

A newly uncovered cyber-espionage campaign has been targeting foreign embassies in South Korea with the XenoRAT malware, delivered through malicious [...]

Plex has warned users to quickly update their Plex Media Server after patching a recently reported security issue affecting versions [...]

Cybercriminals are using the Japanese hiragana character "ん" to make malicious URLs look like legitimate Booking.com addresses, taking advantage of [...]

Security experts have uncovered a new malvertising campaign delivering PS1Bot, a modular malware framework capable of keylogging, data theft, reconnaissance, [...]

Fortinet has issued an urgent warning about a critical remote command injection vulnerability (CVE-2025-25256, CVSS 9.8) in FortiSIEM, a widely [...]

The KB5063878 cumulative update for Windows 11 24H2, released earlier this week, is failing to install for many systems using [...]

Two hackers, calling themselves "Saber" and "cyb0rg," allege they infiltrated the North Korean state-backed cyber group Kimsuky and released nearly [...]

Mozilla’s Firefox 141 introduced Smart Tab Grouping, an AI-powered tool designed to help users organize tabs locally without compromising privacy. [...]

Google has confirmed a security incident involving one of its Salesforce CRM systems that exposed information of potential Google Ads [...]

A new Endpoint Detection and Response (EDR) disabling tool, believed to be an upgraded version of "EDRKillShifter" created by RansomHub, [...]

Security researchers from Cisco Talos have uncovered five “ReVault” vulnerabilities in Dell’s ControlVault3 firmware and Windows APIs, affecting over 100 [...]

Adobe has issued urgent patches for two critical zero-day vulnerabilities in Adobe Experience Manager (AEM) Forms on JEE after researchers [...]

North Korea’s infamous Lazarus Group is now distributing fake open-source software tools laced with malware, shifting its focus from disruption [...]

A hacker group has been exploiting trusted link-wrapping services from companies like Proofpoint and Intermedia to conceal phishing links targeting [...]

Apple has released urgent security updates to patch CVE-2025-6558, a high-severity vulnerability in the ANGLE graphics engine that was actively [...]

A security flaw in Google's Gemini CLI tool could have let attackers run harmful commands and steal data without detection [...]

Microsoft has lifted its update block that previously prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update [...]

Microsoft has linked Chinese state-backed groups, Linen Typhoon and Violet Typhoon, to widespread attacks exploiting SharePoint vulnerabilities (CVE-2025-49706, CVE-2025-49704, and [...]

A new version of the Coyote banking trojan is abusing Microsoft’s UI Automation (UIA) framework—a Windows accessibility tool—to detect and [...]

Cybersecurity experts have identified a new malware, MDifyLoader, used in attacks targeting Ivanti Connect Secure (ICS) appliances by exploiting two [...]

Cisco has addressed a critical security issue in its Unified Communications Manager (Unified CM) software, removing a hardcoded root SSH [...]

Security researchers have identified vulnerabilities in Airoha Bluetooth chips used in at least 29 devices from brands like Bose, Sony, [...]

The GIFTEDCROOK malware has evolved from a simple browser credential stealer into a powerful tool aimed at intelligence collection, especially [...]

A serious security flaw, identified as CVE-2024-51978, affects 689 Brother printer models and 53 more from brands like Fujifilm, Toshiba, [...]

Cybercriminals are leveraging ConnectWise ScreenConnect installers to spread remote access malware by manipulating hidden configuration data embedded in the file’s [...]

A cybersecurity expert has developed FileFix, an evolution of the ClickFix social engineering attack, that leverages the Windows File Explorer [...]

A new malware named SparkKitty has been uncovered in apps on both the Google Play Store and Apple App Store, [...]

CoinMarketCap recently experienced a supply chain attack that exposed its visitors to a crypto-stealing campaign via a fake Web3 wallet [...]

Microsoft is currently investigating a widespread OneDrive issue that causes search results to appear blank or fail to return existing [...]

A new iteration of the Android malware "Godfather" now uses virtualization to embed banking apps within isolated environments on infected [...]

After years of user feedback, Microsoft is finally restoring a long-missed Windows 10 feature in Windows 11 — the clock [...]

Trend Micro has issued security patches to fix multiple serious vulnerabilities in its Apex Central and Endpoint Encryption PolicyServer tools, [...]

A newly discovered flaw, tracked as CVE-2025-3052, allows attackers to bypass Secure Boot on most systems by exploiting a signed [...]

Ivanti has issued security patches for three serious vulnerabilities in its Workspace Control (IWC) platform, which stem from hardcoded cryptographic [...]

Two harmful npm packages, ‘express-api-sync’ and ‘system-health-sync-api’, have been uncovered posing as helpful utilities while secretly containing code to wipe [...]

A severe vulnerability in the Roundcube webmail application, tracked as CVE-2025-49113, has been exploited and is now being sold by [...]

A recent Coinbase data breach has been attributed to support agents in India working for outsourcing firm TaskUs, who were [...]

Qualcomm has issued fixes for three zero-day vulnerabilities in its Adreno GPU driver, which are being exploited in targeted cyberattacks. [...]