Category: Information Security
Gladinet is facing fresh trouble once again: vulnerabilities have been uncovered in its CentreStack and Triofox products stemming from embedded, hardcoded cryptography. According to Huntress, the AES implementation relies on fixed keys, allowing attackers...
Notepad++ has released version 8.8.9 to remediate a weakness in its WinGUp (GUP.exe) update mechanism. Researchers and users had reported incidents in which the updater, instead of fetching a legitimate installer, downloaded and executed...
One of the cybersecurity industry’s most frequently cited “benchmarks” has once again made the rounds in slide decks and marketing brochures: MITRE has published the results of its 2025 ATT&CK Evaluations for enterprise security...
Researchers at Kaspersky Lab have published an in-depth study on how to detect the presence of Mythic, one of the most widely used tools employed by attackers to manage compromised systems, within corporate networks. Mythic...
Researchers from Stanford and their collaborators conducted an unconventional experiment: they compared how ten seasoned professional penetration testers and a suite of autonomous AI agents performed against a real corporate-style pentest. The test was...
Immediately following the public disclosure of a critical vulnerability in React Server Components, threat actors began exploiting it in attacks against organizations across multiple industries. The Huntress team reports that the flaw is an...
A new ransomware strain known as 01flip, written in Rust, has begun appearing with increasing frequency in attacks against organizations across the Asia-Pacific region. According to Palo Alto Networks’ Unit 42, the activity has...
The emergence of a new malicious tool within the React2Shell attack chain has become a notable development amid the surge of compromises that followed the disclosure of CVE-2025-55182. This time, the activity goes far...
Researchers at Securonix have uncovered a multi-layered malware campaign designed to surreptitiously deploy the NetSupport RAT remote access tool. The attack unfolds through a series of carefully obfuscated stages, each engineered for maximum stealth...
Security researchers have disclosed a .NET vulnerability that could affect a wide range of enterprise products and lead to remote code execution. The issue stems from how Microsoft .NET–based applications process SOAP messages, and,...
Attackers are actively exploiting a newly discovered zero-day vulnerability in Gogs—a widely used self-hosted Git service—for which no official patch has yet been released. According to Wiz, the ongoing campaign has already compromised more...
Cisco Talos has uncovered a new DeadLock ransomware campaign in which attackers exploit a vulnerable Baidu Antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable Driver (BYOVD) technique, dismantle defenses...