Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure…
Why Data Security and Privacy Need to Start in Code
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now…
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor…
Google to Shut Down Dark Web Monitoring Tool in February 2026
Google has announced that it’s discontinuing its dark web report tool in February 2026, less than two years…
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every…
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical…
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
If you use a smartphone, browse the web, or unzip files on your computer, you are in the…
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
Cybersecurity researchers have disclosed details of an active phishing campaign that’s targeting a wide range of sectors in…
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called…
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink…