WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks […]
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The […]
AI-Powered Cyber Crime Raises Worldwide Alarm Bells.
AI-Powered Cyber Crime Raises Worldwide Alarm Bells. A new report from Anthropic, an AI startup backed by Amazon and Google, revealed a major shift in […]
Weaponized PDFs and LNK Files Used in Windows Attacks
A clandestine campaign in which threat actors are weaponizing a legitimate-looking PDF document, titled “국가정보연구회 소식지 (52호)” (National Intelligence Research Society Newsletter – Issue 52), […]
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to […]
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part […]
AppSuite PDF Editor Exploit Lets Hackers Run Arbitrary Commands
A sophisticated backdoor in AppSuite PDF Editor that enables threat actors to execute arbitrary commands on compromised Windows systems. Initially flagged as a potentially unwanted […]
VS Code Marketplace Abused by Threat Actors to Deliver Malware via Trusted Extensions
A recently uncovered vulnerability in the Visual Studio Code (VS Code) Marketplace has allowed malicious actors to hijack discontinued extension names and slip malware past […]
_MR3D_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
An Audit Isn’t a Speed Bump — It’s Your Cloud Co-Pilot
Auditing must be seen for what it truly can be: a multiplier of trust, not a bottleneck of progress. The original article found on darkreading […]
VirusTotal Launches Endpoint That Explains Code Functionality for Malware Analysts
Virustotal today unveiled a powerful addition to its Code Insight suite: a dedicated API endpoint that accepts code snippets—either disassembled or decompiled—and returns succinct summaries […]