An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan ...

South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access ...

A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote ...

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...

Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2).

Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, ...

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens ...

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from ...

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing ...

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain ...

ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced ...

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing ...