Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" n…
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe…
Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint…
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to…
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations…
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company…
Bridging the Remediation Gap: Introducing Pentera Resolve
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five…
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum,…
Why You Should Swap Passwords for Passphrases
The advice didn't change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords…
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed…
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including…
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could…
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams
Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's…
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia…
Securing AI to Benefit from AI
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It…
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025,…
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage…
Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities…
Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show…
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a…
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for…
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time…
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its…
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a…
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to…
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its…
Identity Security: Your First and Last Line of Defense
The danger isn't that AI agents have bad days — it's that they never do. They execute faithfully, even when what they're executing is a…
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow…
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently…
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique…
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the…
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit…
Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform
Scaling the SOC with AI - Why now? Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR's AI-SOC Market…
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS…
Beware the Hidden Costs of Pen Testing
Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach.…
Over 23 Million Victims Hit by Data Breaches in Q3
The number of US corporate data breaches and downstream victims appeared to slow in the third quarter of the year, according to new data from…
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a…
Critical Samba RCE Vulnerability Enables Arbitrary Code Execution
Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers.…
F5 Reveals Nation State Breach and Urges Immediate Patching
The US government has urged federal agencies to take immediate action after security vendor F5 revealed it has been breached by a nation-state…
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched…
CISA Warns Of Adobe Experience Manager Forms 0-Day Vulnerability Exploited In Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe code execution vulnerability in…
Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to…
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience…