Google has officially unveiled a new experimental feature within its search engine, enabling users to delegate the task of calling local businesses to artificial intelligence and receive relevant information without any direct involvement. Instead...
Following a sweeping law enforcement operation in May—which dismantled over 2,300 domains and disrupted portions of its infrastructure—the malicious Lumma platform is once again exhibiting a resurgence in activity. Despite the significant blow, the...
China’s Ministry of State Security has issued two high-profile warnings, alleging the deliberate implantation of backdoors into both software and hardware components—across terrestrial and coastal infrastructure. The warnings span a broad spectrum of threats,...
VulnLab A web vulnerability lab project developed by Yavuzlar. Vulnerabilities SQL Injection Cross-Site Scripting (XSS) Command Injection Insecure Direct Object References (IDOR) Cross-Site Request Forgery (CSRF) XML External Entity (XXE) Insecure Deserialization File Upload...
A newly evolved strain of the Coyote banking trojan has adopted an unconventional method of user surveillance on Windows systems. Malicious actors have learned to exploit Microsoft’s UI Automation (UIA) framework—originally designed to aid...
Mexican organizations remain the persistent targets of an enduring cybercriminal campaign involving modified versions of the AllaKore RAT and SystemBC malware. According to analysts at Arctic Wolf Labs, the attacks are orchestrated by a...
mx-takeover mx-takeover focuses on DNS MX records and detects misconfigured MX records. It currently supports three-technique. These are, MX domains that will expire soon Unregistered MX domains Domains that point to not currently in...
Security researcher Sergey Bliznyuk of Positive Technologies has published a detailed analysis of critical vulnerabilities in the VGAuth component of VMware Tools, which enable a low-privileged local user to gain full SYSTEM-level access on...
The Paris Prosecutor’s Office has announced the arrest in Ukraine of an alleged administrator of the Russian-language forum XSS.is, a site long recognized as one of the largest hubs of the cybercriminal underworld. The...
Open-source software forms the bedrock of today’s digital infrastructure, powering 77% of all applications and valued at over $12 trillion. Yet its widespread adoption renders it an increasingly attractive target for supply chain attacks,...
Microsoft has confirmed that three China-linked threat groups were behind the recent wave of attacks targeting on-premises SharePoint Server installations. According to the company’s report, since early July, the vulnerabilities identified as CVE-2025-53770 and...
A newly uncovered malicious campaign involving the infostealer DeerStealer has been identified by researchers at ANY.RUN. Threat actors are employing a sophisticated tactic—combining Windows shortcut files (LNK) with trusted system utilities known as Living-off-the-Land...
