Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an ...

AWS patched an EC2 SSM Agent flaw on March 5, 2025, preventing privilege escalation via plugin ID path traversal.

CERT-UA identifies GIFTEDCROOK malware stealing browser data via phishing Excel files in attacks targeting Ukrainian ...

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure ...

Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.

Fast flux exploits DNS gaps to evade takedowns since 2007, enabling resilient malware and phishing operations.

This week, we trace how simple oversights turn into major breaches — and the silent threats most companies still ...

MFA bypass attacks surge with session hijacking and token theft, requiring layered defenses to limit breach impact.

PoisonSeed exploits CRM credentials to spread cryptocurrency seed phrase attacks, risking major wallet compromises.

Researchers found Disgrasya downloaded 37,217 times, targeting WooCommerce with carding scripts that steal payment data.

North Korean actors used 11 npm packages downloaded 5,600+ times to spread BeaverTail malware, expanding attacks to Bitbucket ...

Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.