GhostPoster malware hid inside 17 Firefox add-ons, abusing logo files to hijack links, inject tracking code, and run ad fraud.
Amazon reports a new AWS crypto mining campaign abusing IAM credentials, ECS, EC2, and termination protection for persistence ...
A fake NuGet package mimicking Tracer.Fody stayed online for years, stealing Stratis wallet files and passwords from Windows ...
Amazon reports a GRU-linked APT44 campaign from 2021–2025 targeting energy and critical infrastructure using misconfigured ...
Proactive Sensitive Data Leak Detection. Embed privacy across all stages in development, from IDE environments, with ...
Attackers are exploiting two CVSS 9.8 FortiGate SSO authentication bypass flaws days after disclosure; Fortinet urges ...
React2Shell vulnerability CVE-2025-55182 is actively exploited to deploy Linux malware, run commands, and steal cloud ...
Google will shut down its Dark Web Report in February 2026, ending breach scans and deleting user data to refocus on ...
A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt ...
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.
Researchers report phishing emails in Russia using ISO attachments to deploy Phantom Stealer against finance and related ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback