Der Anbieter für Programmiersysteme Data I/O wurde kürzlich von einem Cyberangriff getroffen. Dabei wurden möglicherweise Daten gestohlen. janews – shutterstock.com Data I/O bietet Programmierlösungen für […]
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity […]
Weaponized PuTTY Delivered via Malicious Bing Ads Targets Kerberos and Active Directory Services
Cybersecurity incidents increasingly exploit human vulnerabilities, including those of privileged users, as demonstrated in recent compromises involving trojanized versions of the PuTTY SSH client distributed […]
_Piotr_Adamowicz_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
The Hidden Risk of Consumer Devices in the Hybrid Workforce
Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain. ​The original […]
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the […]
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. […]
PoC Exploit Published for Chrome 0-Day Already Under Active Attack
A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid […]
Microsoft Launches Tool to Migrate VMware VMs From vCenter to Hyper-V
Microsoft today announced the public preview of a new VM Conversion extension for Windows Admin Center, enabling IT administrators to migrate virtual machines from VMware vCenter to […]
PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The […]
CISA Alerts on Git Arbitrary File Write Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical vulnerability in Git (CVE-2025-48384) that enables arbitrary file writes and […]