Palo Alto Networks
public
–
4 min read
Palo Alto Networks fell victim to a sophisticated supply chain cyberattack after threat actors (UNC6395) exploited a vulnerability in Salesloft…
NuGet: Malicious NuGet Packages Steal Browser Credentials, SSH Keys, and Crypto Wallets
public
–
4 min read
Malicious NuGet Packages Target .NET Developers, Stealing Credentials and Crypto Data
A sophisticated campaign is leveraging malicious NuGet packages to…
SourceForge: Cyber spies target Russian aviation firms to steal satellite and GPS data
public
–
2 min read
Cyber-Espionage Group HeartlessSoul Targets Russian Aviation and Government Sectors
A cyber-espionage campaign attributed to the group HeartlessSoul has been actively…
TrueConf: PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
public
–
3 min read
PhantomCore Exploits TrueConf Vulnerabilities in Targeted Russian Cyberattacks
Since September 2025, the pro-Ukrainian hacktivist group PhantomCore (also known as Fairy…
U.S. federal agency: CISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March
public
–
3 min read
U.S. Government Agency Breached via Cisco Firewall Vulnerabilities, Persistent Malware Detected
In September 2025, a U.S. federal agency…
PayPal and Apple: Watch out, hackers are abusing Apple account notifications to distribute malware, steal money and data
public
–
3 min read
Scammers Exploit Apple’s Email Domain in Callback Phishing Attack
Cybercriminals have weaponized Apple’s email notification system to launch…
Flowise: Critical Flowise RCE Vulnerability Actively Exploited, Thousands of Systems at Risk
public
–
2 min read
Critical Flowise RCE Vulnerability (CVE-2025-59528) Actively Exploited in the Wild
A maximum-severity remote code execution (RCE) vulnerability in Flowise, tracked…
Unnamed Victims: Yurei Ransomware Uses Common Tools, Adds Stranger Things References
public
–
2 min read
New Yurei Ransomware Campaign Leverages *Stranger Things*-Themed Tools in Aggressive Extortion Attacks
Researchers at Team Cymru have uncovered a…
Moderates, Conservatives, The Copenhagen Post and Social Democrats: Pro-Russian group claims hits on Danish party websites as voters head to polls
public
–
3 min read
Pro-Russian Hackers Disrupt Danish Political Websites Ahead of Local Elections
Pro-Russian hackers launched distributed denial-of-service (DDoS) attacks on Monday, temporarily…
Salesforce and ShinyHunters: ShinyHunters claims ongoing Salesforce Aura data theft attacks
public
–
3 min read
Salesforce Customers Targeted in Data Theft Campaign via Misconfigured Experience Cloud Sites
Salesforce has issued a warning about hackers exploiting…
Fortune 500 companies and Government agencies: 900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
public
–
2 min read
Massive Leak of Private TLS Keys Exposes Fortune 500 and Government Websites
A joint investigation by GitGuardian and Google has…
Microsoft: PoC Released for Windows Vulnerability That Allows Attackers to Cause Unrecoverable BSOD Crashes
public
–
3 min read
New Windows CLFS Driver Vulnerability Enables Low-Privilege DoS Attacks
A proof-of-concept (PoC) exploit has been released for CVE-2026-2636, a newly…
Explore topics
Authors
