Acronis researchers have reported a fresh campaign that employs a modified FileFix technique to deliver the StealC data stealer. The attackers staged a convincing, multilingual phishing operation that forges pages for various services —...
Researchers at Socket have disclosed a new attack against the npm ecosystem, in which more than 40 packages were discovered to be laced with embedded malicious code. The compromise mechanism was meticulously engineered: it...
The newly emerged AISURU botnet has powered the largest recorded DDoS assault to date, peaking at 11.5 Tb/s. This surge shattered the spring record of 5.8 Tb/s and underscored how rapidly threats tied to...
Huntress has published a detailed account of an incident in which attackers, having exploited a vulnerable SonicWall VPN, gained access to the management console and nearly stripped the organization of its defensive capabilities by...
U.S. airlines have found themselves at the center of a scandal following revelations of large-scale transfers of passenger data to government agencies. According to a contract obtained by 404 Media through a Freedom of...
Researchers from Doyensec, together with an independent author known as BitsByWill, have publicly demonstrated a working exploitation chain that enables remote execution of code in the Linux kernel via KSMBD — the in-kernel SMB3...
Researchers from COMSEC, in collaboration with Google engineers, have uncovered a novel Rowhammer variant capable of circumventing protections in contemporary SK Hynix DDR5 modules — the flaw has been assigned CVE-2025-6202. The team demonstrated...
OpenAI has enabled support for the Model Context Protocol (MCP) in ChatGPT, permitting third-party services such as Gmail, calendars, SharePoint, Notion and other data sources to be integrated. The intent was to enrich the...
In the second quarter of 2025, experts at HP Wolf Security documented a wave of sophisticated attacks in which adversaries employed unconventional living-off-the-land (LOTL) tactics to evade detection. Multiple obscure system utilities were brought...
Experts at Mosyle have uncovered a new strain of malware, named ModStealer, which has proven entirely invisible to antivirus solutions. The program was first uploaded to VirusTotal nearly a month ago without triggering a...