In late 2024, a new ransomware strain named FunkSec emerged on the cybercrime scene. It quickly drew attention due to its aggressive tactics and unconventional implementation. Within a short span, dozens of organizations across...
A new report from SentinelOne casts a revealing light on a lesser-known yet extensive facet of China’s cyber-espionage apparatus: the contractor infrastructure tied to the threat group Silk Typhoon (also known as Hafnium), which...
Microsoft has announced sweeping enhancements to its vulnerability rewards program for the .NET platform, significantly broadening its scope and increasing compensation for valid discoveries. Security researchers can now earn up to $40,000 for critical...
The new Linux kernel version 6.17 introduces substantial enhancements to the EXT4 file system, significantly boosting the performance of servers equipped with numerous CPU cores and running large volumes of containers. These advancements refine...
Engineers at Google DeepMind have unveiled AlphaEarth Foundations, a sophisticated artificial intelligence model capable of generating a digital representation of the Earth’s surface at an impressive resolution of 10×10 meters. Unlike conventional systems designed...
The organizers of the world’s premier hacking competition, Pwn2Own, have announced a reward that has instantly shifted the industry’s spotlight: a staggering $1 million will be awarded for the successful demonstration of a full-fledged...
A critical vulnerability has been discovered in the Cursor source code editor, an AI-powered tool designed to assist programmers. The flaw, identified as CVE-2025-54135 and dubbed CurXecute, affects nearly all versions of the IDE...
Since mid-July, a surge in ransomware attacks leveraging the Akira strain has been observed, specifically targeting SonicWall devices. According to cybersecurity firm Arctic Wolf, threat actors have been actively exploiting SSL VPN connections on...
Email protection mechanisms, originally conceived as a bulwark against malicious links, have ironically become unwitting allies to cybercriminals. Researchers have uncovered a troubling trend: threat actors are increasingly exploiting “link wrappers” provided by platforms...
In the autumn of 2024, the InfoSect bug hunting team prepared a remote code execution attack targeting the Synology TC500 IP camera for entry in the Pwn2Own Ireland competition. The exploitation hinged on a...
JSubFinder JSubFinder is a tool written in golang to search webpages & javascript for hidden subdomains and secrets in the given URL. Developed with BugBounty hunters in mind JSubFinder takes advantage of Go’s amazing...
A critical vulnerability has been discovered in the widely used WordPress theme “Alone — Charity Multipurpose Non-profit”, which is already being exploited by malicious actors to compromise websites. Tracked as CVE-2025-5394, the flaw has...
