A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s […]
Salt Security Unveils New AI-Powered Capabilities, Expanding API Visibility and Protecting Emerging MCP Infrastructure
Salt Security used the stage at AWS re:Invent this week to unveil two major enhancements to its API Protection Platform, introducing a generative AI interface […]
React2Shell Vulnerability Under Attack from China-Nexus Groups
A maximum-severity vulnerability affecting the React JavaScript library is under attack by Chinese-nexus actors, further stressing the need to patch now. The original article found […]
Hardening browser security with zero-trust controls
The shift from perimeter-based security to zero trust is now indispensable for combating modern threats. The obsolete “castle-and-moat” model, granting implicit trust to any device […]
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vulnerability, tracked as […]
MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows
The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading […]
.webp?ssl=1)
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security […]
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation
SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from […]
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it […]
Threat Landscape Grows Increasingly Dangerous for Manufacturers
Manufacturers are the top target for cyberattacks in 2025 because of their still-plentiful cybersecurity gaps and a lack of expertise. The original article found on […]