Latest News

The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April.

Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia Container Toolkit.

A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.

Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities.

Researchers uncover new software supply chain threat from LLM-generated package hallucinations.

Threat actors are publishing malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers.

The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.

The hackers who posted the documents on Telegram said the attack was in response to alleged Moroccan “harassment” of Algeria on social media platforms.

A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild.

Noteworthy stories that might have slipped under the radar: Scattered Spider still active despite arrests, hacker known as EncryptHub unmasked, Rydox admins extradited to US. 

SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug.

Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.

In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.

Very few people in the cybersecurity industry do not know, or know of, Bryson Bort, CEO/Founder of SCYTHE and the co-founder of ICS Village.

Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet.