Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

They can’t help themselves. When actors see a microphone, they blurt out the industry’s cause du jour. It’s instinctive, like knowing your “good” side when the paparazzi appear. Free Palestine! Bleep ...

TL;DR A coding flaw in PayPal’s loan app went undetected for nearly six months, exposing sensitive customer data — not because prevention controls failed catastrophically, The post What the Recent ...

So-called ‘DarkSword’ attacks break through Apple devices’ security defences to steal personal data in seconds. View on ...

The phone vibrates at an odd hour, and before you can even say hello, a voice laden with the practised gravitas of a high-ranking law enforcement official cuts through the silence. In the world of the ...

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...