A critical security flaw in the Sneeit Framework plugin for WordPress is being actively exploited in the wild, per data from Wordfence. The remote code […]
LockBit 5.0 Infrastructure Exposed as Hackers Leak Critical Server Data
Security researchers have uncovered critical infrastructure details for the notorious LockBit 5.0 ransomware operation, including the IP address 205.185.116.233 and the domain karma0.xyz, which hosts […]
Critical Vulnerabilities Found in GitHub Copilot, Gemini CLI, Claude, and Other AI Tools Affect Millions
A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on […]
Critical React2Shell RCE Flaw Actively Exploited to Run Malicious Code
A critical remote code execution vulnerability in React Server Components has emerged as an active exploitation target, with security researchers observing widespread automated attacks across […]
Shanya EDR Killer: The New Favorite Tool for Ransomware Operators
A sophisticated new “packer-as-a-service” tool known as Shanya has emerged in the cybercriminal underground, rapidly becoming a preferred weapon for major ransomware groups looking to […]
Critical Cal.com Flaw Allows Attackers to Bypass Authentication Using Fake TOTP Codes
Cal.com has disclosed a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to user accounts by exploiting a flaw in password […]
Indonesia’s Gambling Industry Reveals Clues of Nationwide Cyber Involvement
A massive Indonesian-speaking cybercrime operation spanning over 14 years has been uncovered, revealing a sophisticated infrastructure that shows hallmarks of state-level backing and resources typically […]
Vaillant CISO: NIS2 complexity and lack of clarity endanger its mission
CSO Germany: The energy sector is increasingly becoming a target for cybercriminals. Experts and the Federal Office for Information Security (BSI) believe that protection in this area […]
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control […]
Offensive security takes center stage in the AI era
Sara Madden is looking to take a more offensive approach to safeguarding her company. The Convera CISO wants to add a red team to stress […]