This involves deploying a malware strain that connects to a nascent Web3 service called Teneo, a decentralized physical ...

Phishers abused Google Sites and DKIM replay to send valid-signed emails, bypassing filters and stealing credentials.

GCP’s ConfusedComposer flaw let attackers escalate privileges via PyPI packages; patched by Google on April 13.

Microsoft secures MSA and Entra ID with Azure Confidential VMs + HSM, preventing token forgery and reducing breach risks.

Lotus Panda breached 6 Southeast Asian organizations using custom tools, browser stealers, and sideloaded malware.

Proton66-hosted IPs launched global cyberattacks since Jan 8, 2025, exploiting critical CVEs to deploy malware.

Security teams must integrate browser security into their enterprise security stack to gain real-time visibility, detect ...

SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.

"In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708)," the South ...

From zero-click iOS exploits to NTLM credential leaks and the 4Chan breach — this week’s cyber threats hit where trust runs ...

The surge in DDoS attack traffic this year has been driven in part by the rapid expansion of IoT devices - from smart watches ...

The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting ...