A real-world intrusion campaign leveraging publicly available Nightmare-Eclipse privilege escalation tooling, BlueHammer, RedSun, and UnDefend, following what...
cyber security
A new ransomware-as-a-service (RaaS) operation known as “The Gentlemen” has emerged as a serious threat to corporate...
Artificial intelligence is reshaping cybercrime in ways that defenders can no longer treat as distant or theoretical....
A massive malware campaign known as “StealTok” involves at least 12 interrelated browser extensions. These extensions masquerade...
A critical vulnerability in the SGLang inference server that allows threat actors to execute arbitrary code. Tracked...
The Cybersecurity and Infrastructure Security Agency (CISA) has released a critical alert regarding a severe software supply...
A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks that weaponizes...
A well-known advanced persistent threat group called SideWinder has launched a highly targeted phishing campaign against South...
A proof-of-concept (PoC) exploit has been publicly released for a newly disclosed vulnerability in Microsoft’s Snipping Tool...
Cybersecurity researchers, working in partnership with OpenAI, have uncovered a fascinating and severe vulnerability in iTerm2, a...