A critical vulnerability has been unearthed in the ubiquitous WordPress plugin Modular DS, which is currently being actively exploited in the wild by threat actors. This alarming discovery was disclosed by security firm Patchstack....
Conquest is a feature-rich, extensible and malleable command & control/post-exploitation framework developed for penetration testing and adversary simulation. Conquest’s team server, operator client and agent have all been developed from scratch using the Nim programming...
This week marked the definitive conclusion of an era as Microsoft formally terminated support for Windows Server 2008, the server-side operating system predicated on the Windows Vista architecture. Originally codenamed Longhorn Server, this venerable...
North Korea continues to amass billions of dollars through a sophisticated synthesis of cybercrime and fraudulent remote employment, prompting the United States to elevate this discourse to the highest international echelons. On January 12,...
Microsoft has formally proclaimed the neutralization of RedVDS, a nefarious platform that, since 2019, provided cyber adversaries with access to remote virtual machines. These computational resources were instrumental in orchestrating voluminous phishing campaigns, credential...
The Node.js development team has disseminated critical security updates to mitigate a high-severity vulnerability capable of precipitating a denial-of-service (DoS) state across a vast majority of production environments. The core of the issue resides...
The DeadLock syndicate, which emerged within the cyber threat landscape during the summer of 2025, persists as one of the most clandestine and technologically sophisticated entities. Analysts at Group-IB have documented a highly unconventional...
Since the autumn of the previous year, the Black Lotus Labs team at Lumen Technologies has successfully decommissioned over 550 command-and-control servers tethered to the AISURU and Kimwolf botnets. These malevolent networks persist as...
Security analysts at Varonis have unveiled a sophisticated offensive, designated Reprompt, targeting Microsoft’s AI assistant. This maneuver empowers an adversary to hijack a user’s session and clandestinely exfiltrate sensitive personal data. Although a...
Security researchers at Horizon3 have disseminated a meticulous deconstruction of a burgeoning critical vulnerability within Fortinet FortiSIEM—a widely utilized Security Information and Event Management (SIEM) solution employed by global organizations to oversee their infrastructure....