-
The UK Companies House recently disclosed a significant security vulnerability in its WebFiling service that exposed sensitive director information for several months. Chief Executive Andy King confirmed that the flaw was initially introduced during a …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors were already abusing URL rewriting mechanisms in phishing campaigns to mask malicious domains. URL rewriting is designed to protect users by replacing original links with security-vendor URLs that scan destinations at click time. These re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ransomware operation called Payload is rapidly emerging as a serious threat to both Windows and VMware ESXi environments, combining Babuk-style cryptography with aggressive anti-forensics and a working double-extortion model. The group claims to …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have discovered a critical evasion technique in Palo Alto Networks’ Cortex XDR agent that allowed attackers to completely bypass behavioral detections. The research demonstrates how predefined Behavioral Indicators of Co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malicious npm packages are delivering the North Korean–linked PylangGhost remote access trojan (RAT) in a new software supply chain campaign that targets developers across Windows, Linux, and macOS systems. The first malicious versions appeared in late…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly turning to trusted infrastructure to launch their attacks, making it harder for automated security tools to flag malicious activity. A newly identified phishing campaign highlights this growing trend by abusing compromise…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified campaign shows how Software-as-a-Service (SaaS) platforms like LiveChat are being weaponized to steal sensitive data in real time. Unlike traditional phishing attacks that rely on fake login pages or static forms, this tactic uses li…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past few years, the enterprise attack surface has shifted decisively toward network infrastructure, with attackers increasingly abusing routers, VPNs, firewalls, and other edge devices for initial access and long‑term persistence. Research fro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two highly critical zero-day vulnerabilities. These flaws, which primarily affect Google Chrome and its underlying technologies, are currently being expl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Global medical technology giant Stryker suffered a massive cybersecurity incident on March 11, 2026, resulting in the remote wiping of thousands of corporate devices. A pro-Iranian hacktivist group known as Handala has claimed responsibility for the at…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
