-
Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Indian users’ trust in government services through a sophisticated Android malware campaign that impersonates Regional Transport Office (RTO) challan notifications. This campaign represents an evolution from previous RTO-themed malware, featuring…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ShadowSyndicate, a sophisticated cybercrime cluster first identified in 2023, has evolved its infrastructure management tactics by implementing a previously unreported server transition technique. This method involves rotating SSH fingerprints across m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentiall…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly sophisticated phishing campaign that targets Canadian drivers by impersonating provincial traffic bureaus. This new wave of attacks utilizes “SEO poisoning” to trick search engines into ranking fake websites above legitimate govern…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The inner workings of LockBit 5.0, a sophisticated ransomware variant targeting Windows, Linux, and VMware ESXi systems simultaneously. This latest version represents a significant evolution in the cyber threat landscape, demonstrating how ransomware o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent pot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated social engineering campaign that weaponizes fake voicemail notifications to trick victims into installing remote access tools. The attack begins when victims receive communications directing them to compromised websites displaying convi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
