Moving Beyond Awareness: How Threat Hunting Builds Readiness
Every October brings a familiar rhythm – pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in […]
RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing
Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided […]
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor […]
What AI Reveals About Web Applications— and Why It Matters
Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at […]
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to […]
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked […]
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment […]
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The […]
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that […]
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for […]
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow […]
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments. “Threat actors are […]