Author: Mash

North Korea’s infamous Lazarus Group is now distributing fake open-source software tools laced with malware, shifting its focus from disruption [...]

A hacker group has been exploiting trusted link-wrapping services from companies like Proofpoint and Intermedia to conceal phishing links targeting [...]

Apple has released urgent security updates to patch CVE-2025-6558, a high-severity vulnerability in the ANGLE graphics engine that was actively [...]

A security flaw in Google's Gemini CLI tool could have let attackers run harmful commands and steal data without detection [...]

Microsoft has lifted its update block that previously prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update [...]

Microsoft has linked Chinese state-backed groups, Linen Typhoon and Violet Typhoon, to widespread attacks exploiting SharePoint vulnerabilities (CVE-2025-49706, CVE-2025-49704, and [...]

A new version of the Coyote banking trojan is abusing Microsoft’s UI Automation (UIA) framework—a Windows accessibility tool—to detect and [...]

Cybersecurity experts have identified a new malware, MDifyLoader, used in attacks targeting Ivanti Connect Secure (ICS) appliances by exploiting two [...]

Cisco has addressed a critical security issue in its Unified Communications Manager (Unified CM) software, removing a hardcoded root SSH [...]

Security researchers have identified vulnerabilities in Airoha Bluetooth chips used in at least 29 devices from brands like Bose, Sony, [...]

The GIFTEDCROOK malware has evolved from a simple browser credential stealer into a powerful tool aimed at intelligence collection, especially [...]

A serious security flaw, identified as CVE-2024-51978, affects 689 Brother printer models and 53 more from brands like Fujifilm, Toshiba, [...]

Cybercriminals are leveraging ConnectWise ScreenConnect installers to spread remote access malware by manipulating hidden configuration data embedded in the file’s [...]

A cybersecurity expert has developed FileFix, an evolution of the ClickFix social engineering attack, that leverages the Windows File Explorer [...]

A new malware named SparkKitty has been uncovered in apps on both the Google Play Store and Apple App Store, [...]

CoinMarketCap recently experienced a supply chain attack that exposed its visitors to a crypto-stealing campaign via a fake Web3 wallet [...]

Microsoft is currently investigating a widespread OneDrive issue that causes search results to appear blank or fail to return existing [...]

A new iteration of the Android malware "Godfather" now uses virtualization to embed banking apps within isolated environments on infected [...]

After years of user feedback, Microsoft is finally restoring a long-missed Windows 10 feature in Windows 11 — the clock [...]

Trend Micro has issued security patches to fix multiple serious vulnerabilities in its Apex Central and Endpoint Encryption PolicyServer tools, [...]

A newly discovered flaw, tracked as CVE-2025-3052, allows attackers to bypass Secure Boot on most systems by exploiting a signed [...]

Ivanti has issued security patches for three serious vulnerabilities in its Workspace Control (IWC) platform, which stem from hardcoded cryptographic [...]

Two harmful npm packages, ‘express-api-sync’ and ‘system-health-sync-api’, have been uncovered posing as helpful utilities while secretly containing code to wipe [...]

A severe vulnerability in the Roundcube webmail application, tracked as CVE-2025-49113, has been exploited and is now being sold by [...]

A recent Coinbase data breach has been attributed to support agents in India working for outsourcing firm TaskUs, who were [...]

Qualcomm has issued fixes for three zero-day vulnerabilities in its Adreno GPU driver, which are being exploited in targeted cyberattacks. [...]

Two severe security flaws in vBulletin, identified as CVE-2025-48827 and CVE-2025-48828, are being actively exploited, with one enabling remote code [...]

Cybercriminals are now using Google Apps Script to host phishing sites that mimic legitimate login pages, aiming to steal user [...]

Microsoft’s KB5058499 preview update for Windows 11 version 24H2 introduces 48 new features and improvements, with many rolling out gradually. [...]

The DragonForce ransomware group recently infiltrated a managed service provider (MSP) and leveraged its SimpleHelp remote monitoring platform to access [...]

Security researchers from Socket uncovered 60 malicious NPM packages that gather host and network information and transmit it to a [...]

A collaborative international operation has significantly disrupted the Lumma malware-as-a-service (MaaS) scheme, taking control of around 2,300 domains used by [...]

A new feature included in Google Play Services could soon enable Android devices to automatically reboot if left idle for [...]

Hackers have been spreading a malicious version of the KeePass password manager for over eight months, using it to steal [...]

A newly developed tool called Defendnot can trick Windows into turning off Microsoft Defender by registering a fake antivirus through [...]

For at least half a year, Procolored unknowingly distributed malware with its printer software, including a remote access trojan (XRedRAT) [...]

Google is implementing a security update in Chromium that prevents Chrome from running with administrator rights on Windows, following Microsoft [...]

Ivanti has issued fixes for a severe authentication bypass flaw (CVE-2025-22462) in its Neurons for ITSM platform that could let [...]