WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild […]
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Pervasive Chinese hacking group Salt Typhoon continues to strike, this time setting its sights on the Netherlands. Dutch intelligence authorities have confirmed that the cyber […]
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks […]
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The […]
AI-Powered Cyber Crime Raises Worldwide Alarm Bells.
AI-Powered Cyber Crime Raises Worldwide Alarm Bells. A new report from Anthropic, an AI startup backed by Amazon and Google, revealed a major shift in […]
Weaponized PDFs and LNK Files Used in Windows Attacks
A clandestine campaign in which threat actors are weaponizing a legitimate-looking PDF document, titled “국가정보연구회 소식지 (52호)” (National Intelligence Research Society Newsletter – Issue 52), […]
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to […]
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part […]
AppSuite PDF Editor Exploit Lets Hackers Run Arbitrary Commands
A sophisticated backdoor in AppSuite PDF Editor that enables threat actors to execute arbitrary commands on compromised Windows systems. Initially flagged as a potentially unwanted […]
VS Code Marketplace Abused by Threat Actors to Deliver Malware via Trusted Extensions
A recently uncovered vulnerability in the Visual Studio Code (VS Code) Marketplace has allowed malicious actors to hijack discontinued extension names and slip malware past […]