Microsoft warns of a phishing campaign using ClickFix to spread malware via fake Booking.com emails. Attackers exploit fake CAPTCHA pages to steal cre ...
ScarCruft, also called APT27 and Reaper, is a North Korean state-sponsored cyber espionage group active since 2012. Attack ...
(CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.
"On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including ...
This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT ...
A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for ...
Microsoft fixes 57 security flaws, including six zero-days exploited in the wild. CISA mandates patches by April 1.
UNC3886 exploits Juniper routers with six TinyShell-based backdoors, evading detection and maintaining persistence.
GreyNoise reports 400+ IPs exploiting multiple SSRF vulnerabilities, targeting cloud services and global networks. Patch now.
Apple patches WebKit zero-day CVE-2025-24201, exploited in sophisticated attacks before iOS 17.2. Update secures iOS, macOS, ...
AI is reshaping pentesting by automating tasks, enhancing efficiency, and empowering testers—without replacing them ...
Ballista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.