Attackers are wielding the sophisticated modular malware while exploiting CVE-2025-29824, a previously zero-day flaw in Windows Common Log File System (CLFS) that allows attackers to […]
Mobile Phishers Target Brokerage Customers in ‘Ramp and Dump’ Cashout Scheme
Cybercriminal groups specializing in advanced mobile phishing kits have evolved their operations beyond stealing payment card data for mobile wallet enrollment, now pivoting to exploit […]
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. […]
Weaponized Copyright Documents Used by Threat Actors to Target Key Employees with Noodlophile Stealer
The Noodlophile Stealer malware, initially uncovered in campaigns leveraging fake AI video generation platforms, has evolved into a targeted spear-phishing operation that weaponizes copyright infringement […]
New ClickFix Attack Deploys Fake BBC News Page and Fake Cloudflare Verification to Deceive Users
Cybersecurity researchers have uncovered a novel ClickFix attack variant that impersonates trusted BBC news content while leveraging counterfeit Cloudflare Turnstile verification interfaces to coerce users […]
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The […]
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and […]
_Piotr_Swat_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
10 Major GitHub Risk Vectors Hidden in Plain Sight
By addressing these overlooked risk vectors, organizations can continue leveraging GitHub’s innovation while protecting against sophisticated supply chain attacks targeting interconnected software. ​The original article […]
SAP 0-Day Exploit Reportedly Leaked by ShinyHunters Hackers
A sophisticated exploit targeting critical SAP vulnerabilities has been publicly released by the notorious hacking group ShinyHunters, significantly escalating the threat landscape for enterprise SAP […]
Surge in Scans From Hacked Cisco, Linksys, and Araknis Routers
Cybersecurity researchers have identified a significant increase in malicious scanning activities originating from compromised consumer and enterprise networking equipment, with particular focus on Cisco, Linksys, […]