Hackers have breached the electronic case management system of the U.S. federal courts, gaining access to confidential information, including the identities of protected witnesses. The incident, which affected multiple district courts across several states,...
Google has officially confirmed that hackers gained unauthorized access to one of its corporate Salesforce databases and exfiltrated data related to small and medium-sized business clients. The disclosure appears in an updated June bulletin...
Meta is waging an intense campaign against organized scam networks in Southeast Asia, where dozens of fraudulent schemes operate in parallel. In just the first half of the year, more than 6.8 million WhatsApp...
The Kimsuky group has once again found itself at the center of attention following a campaign that deftly combined social engineering tactics with sophisticated techniques for bypassing Windows security mechanisms. Their targets included South...
The concept of connecting large language models to external data sources is swiftly transitioning from experimental novelty to everyday practice. Today, ChatGPT is capable not only of engaging in conversation, but also of interacting...
The top spot in HackerOne’s global ranking is no longer held by a human, but by a machine. Behind the alias “XBOW” is not a living researcher, but an AI-driven system that has already...
Trust in familiar IT tools is increasingly being weaponized by malicious actors: remote monitoring and management (RMM) solutions—originally designed for administration and support—are now leveraged for attacks, covert control, and data exfiltration. Security professionals...
Google has released a series of urgent security updates for Android, addressing multiple critical vulnerabilities, including two actively exploited flaws within Qualcomm components. This round of patches places particular emphasis on CVE-2025-21479 (rated 8.6...
Although humans have traditionally been regarded as the weakest link in the cybersecurity chain, a new study by Canadian researchers reveals that even untrained individuals can effectively detect malicious software when provided with minimal...
Over the past year, a social engineering technique known as ClickFix has witnessed a meteoric rise, propelled by a fusion of unique delivery methods, persuasive narratives, and sophisticated evasion tactics. According to analysts at...
The AI-powered code editor Cursor was recently found vulnerable to an attack technique dubbed “MCPoison” by the Check Point research team. This flaw enabled remote execution of arbitrary code on a developer’s machine, provided...
Critical vulnerabilities have been discovered in the Broadcom ControlVault microchip, a component responsible for storing sensitive data on over a hundred models of Dell laptops. According to Cisco Talos, this cluster of vulnerabilities allows...
In recent months, cybercriminals have once again turned their attention to long-known vulnerabilities in popular models of D-Link Wi-Fi cameras and network video recorders. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially...
Adobe has issued an out-of-band security update for its Adobe Experience Manager (AEM) Forms platform on Java EE, following the public disclosure of an exploit chain that enables unauthenticated remote code execution on vulnerable...
As the Pentagon grapples with the consequences of funding shortfalls and high turnover in the field of cybersecurity, Donald Trump’s inner circle is floating a bold proposal: the creation of a new combat branch—Cyber...
A recent automated study conducted by ETHIACK has revealed that modern web application security mechanisms—including widely adopted Web Application Firewalls (WAFs)—are vulnerable to a novel class of attacks that combine JavaScript injection with HTTP...
