A new wave of browser-based phishing tricks unsuspecting users into copy-pasting malicious commands into their systems, all while believing they’re completing a legitimate CAPTCHA verification. […]
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. […]
Critical RCE Vulnerability in AWS Amplify Studio – PoC Now Public
In May 2025, AWS disclosed a critical remote code execution (RCE) vulnerability, CVE-2025-4318, in the @aws-amplify/codegen-ui package—a core dependency for AWS Amplify Studio’s UI code […]
Colossal breach exposes 4B Chinese user records in surveillance-grade database
A colossal data breach has reportedly exposed approximately four billion records containing personal information of hundreds of millions of users, primarily from China. The 631-gigabyte […]
ANY.RUN Empowers Government Agencies with Real-Time Threat Detection
Government agencies worldwide are facing an unprecedented wave of cyberattacks, with adversaries employing advanced tactics to breach critical infrastructure and steal sensitive data. Recent case […]
Critical RCE Flaw Found in HPE Insight Remote Support Tool
Hewlett-Packard Enterprise (HPE) has released a critical security bulletin addressing multiple high-impact vulnerabilities in its Insight Remote Support (IRS) software, versions prior to 7.15.0.646. These […]
Chrome Extensions Flaw Exposes Sensitive API Keys, Secrets and Tokens
A critical security flaw has been uncovered in numerous popular Chrome extensions, affecting millions of users worldwide by exposing sensitive credentials such as API keys, […]
Critical FreeRTOS-Plus-TCP Flaw Allows Code Execution or System Crash
A critical memory corruption vulnerability, tracked as CVE-2025-5688, has been disclosed in FreeRTOS-Plus-TCP, Amazon’s open-source TCP/IP stack widely used in embedded and IoT devices. The […]
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud operation […]
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. “The […]