F5 Reveals Nation State Breach and Urges Immediate Patching
The US government has urged federal agencies to take immediate action after security vendor F5 revealed it has been breached by a nation-state…
Whisper 2FA Behind One Million Phishing Attempts Since July
The phishing platform “Whisper 2FA” has rapidly become one of the most active tools used in large-scale credential theft…
Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence
Security teams have been urged to adopt proactive threat hunting after a new report revealed how Chinese hackers used novel techniques to…
CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks
Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports…
New Android RAT Klopatra Targets Financial Data
A previously unknown Android Remote Access Trojan (RAT) has been identified by security researchers, marking a significant advancement in the…
Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their…
Malicious AI Agent Server Reportedly Steals Emails
A popular Model Context Protocol (MCP) server used to deploy AI agents has turned malicious in one of its latest updates, according to Koi…
Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors
A recent investigation has revealed a phishing campaign that began with a simple Python-based infostealer but ultimately led to the deployment…
Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access
Security researcher Puja Srivastava from Sucuri uncovered two malicious files designed to guarantee persistent attacker access by manipulating…
BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle
What began as a promising indie platformer has turned into one of the most alarming cases of malware-laced games on Steam in 2025. According…
Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control
The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security flaws in…
Fileless Malware Deploys Advanced RAT via Legitimate Tools
A sophisticated fileless malware campaign exploiting legitimate system tools has been uncovered by cybersecurity researchers. The attack…
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
A Chinese APT group has compromised a Philippines-based military firm using a novel, sophisticated fileless malware framework dubbed…