In 2025, cybercrime has increasingly moved beyond the realm of “just money.” Behind today’s attacks lie not only downtime costs and ransom demands, but tangible human consequences—from disruptions in healthcare and the harassment of...
A critical vulnerability has been discovered in the LangChain ecosystem that allows attackers to steal sensitive data and even influence the responses of large language models through prompt injection. The flaw affects LangChain Core...
A critical vulnerability has been discovered in MongoDB that allows a remote attacker to access uninitialized server memory without any form of authentication. Assigned the identifier CVE-2025-14847, the flaw carries a CVSS score of...
Fraudulent job advertisements promising easy income and remote work continue to flood social media platforms, particularly across the Middle East and North Africa. Disguised as no-experience side gigs, these schemes are designed to harvest...
As part of a large-scale malware campaign dubbed Operation Artemis, the North Korean hacking group APT37—also known as ScarCruft—employed sophisticated attack techniques leveraging South Korea’s HWP word processor and DLL side-loading. The operation targeted...
The stability and resilience of the internet rest largely on systems that remain invisible to most users. Among these foundational pillars is the root DNS server system—a critical mechanism responsible for translating domain names...
Within cybercriminal circles, interest in recruiting insiders from within companies is surging. Rather than mounting complex external intrusions, attackers are increasingly betting on internal sources—employees willing, for a price, to grant access to corporate...
A coordinated cybercrime crackdown across Africa has culminated in hundreds of arrests and the seizure of millions of dollars. As part of a sweeping international investigation, authorities not only detained hundreds of suspects but...
The Excel format—long regarded as a harmless office staple—is increasingly being exploited as an entry point for cyberattacks. At the center of this trend are XLL files, specialized Excel add-ins that are, in reality,...
The Chinese hacking group known as Evasive Panda (also tracked as Bronze Highland, Daggerfly, and StormBamboo) carried out one of the most sophisticated and long-running cyber campaigns of recent years, silently infecting victim systems...
By 2026, government agencies are finding it increasingly difficult to describe cyber risk with a single word or a single adversary. Analysts interviewed by ISMG argue that threats are beginning to overlap: political decisions...
The LastPass breach that occurred back in 2022 continues to generate illicit profits years later. A recent on-chain analysis by TRM Labs has uncovered new details about the underlying criminal infrastructure. At the time...
