The latest iteration of the Matanbuchus malware loader, designated version 3.0, has drawn particular scrutiny from cybersecurity experts due to its significant enhancements aimed at evading detection and bypassing modern defensive systems. Originally introduced...
A newly discovered vulnerability in Windows Server 2025—dubbed Golden dMSA—poses a grave risk of widespread compromise across entire Active Directory infrastructures, according to a technical report published by enterprise cybersecurity firm Semperis. The issue...
A recent data breach has exposed a critical vulnerability in the systems of Paradox.ai, the developer behind AI-powered chatbots used in recruitment processes at McDonald’s and other Fortune 500 corporations. The cause of this...
lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated...
During the Pwn2Own Berlin 2025 competition, security researcher Manfred Paul successfully demonstrated an attack against the Mozilla Firefox browser’s rendering process by exploiting a vulnerability in the IonMonkey JIT compiler. Although he did not...
Google has announced the successful discovery of a critical vulnerability in the widely used SQLite database engine—identified and neutralized before it could be exploited in real-world attacks. The flaw was uncovered by Big Sleep,...
Amid the accelerating tide of digital transformation, Windows Hello for Business (WHfB) continues to be championed by Microsoft as a modern, passwordless solution for enterprise authentication. Yet, beneath this progressive façade lies an architectural...
In an era defined by the rapid evolution of generative AI systems, the notion of security has transcended traditional vulnerabilities. A recent precedent demonstrated that remote code execution can be achieved without relying on...
Air Serbia has fallen victim to a cyberattack that has significantly disrupted the company’s internal operations. The digital crisis began in the early days of July 2025 and persists to this day. One of...
hoaxshell is a Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell, based on the following concept: This c2 concept (which could be implemented by...