-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding significant security flaws discovered in industrial networking equipment manufactured by ZLAN Information Technology Co. The alert, identified as ICSA-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly surfaced mobile spyware platform called ZeroDayRAT is rapidly gaining traction across underground Telegram channels. ZeroDayRAT is designed to give attackers complete remote control over both Android and iOS devices, supporting versions from An…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, CVE-2026-1731, affecting self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments. This security flaw allows unauthenticated attackers to inject operating system commands, effectively granting them remot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Between June and December 2025, a state-sponsored threat group known as Lotus Blossom quietly hijacked the official hosting infrastructure used to deliver Notepad++ updates, turning a trusted developer tool into a precision espionage delivery channel. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for the Chrome desktop web browser to address a severe high-severity vulnerability that is currently being exploited in the wild. The search giant rolled out the fix on Friday, updating the Stable channel t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The landscape of malware analysis has taken a significant leap forward with the official release of REMnux v8. This popular Linux toolkit, which has served the security community for fifteen years, has been updated to address modern threats and integra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “so…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed critical flaw, CVE-2025-64712 (CVSS 9.8), in Unstructured.io’s “unstructured” ETL library could let attackers perform arbitrary file writes and potentially achieve remote code execution (RCE) on systems that process untrusted document…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A long-running Chrome extension malware campaign has silently hijacked more than 500,000 VKontakte (VK) accounts, forcing users into attacker-controlled groups, resetting their settings every 30 days, and abusing VK’s own infrastructure as command-and-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions. Security researchers have uncovered a coordinated campaign involving 30 Chrome exte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
