Latest News

Other noteworthy stories that might have slipped under the radar: surge in Palo Alto Networks scanning, WEL Companies data breach impacts 120,000 people, AI second-order prompt injection attack.

CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.

The number of participants in the cyber and physical grid security exercise increased by nearly 50% compared to two years ago.

The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories.

APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads.

SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake.

The company has operated in stealth mode for four months and has signed dozens of customers, including eight unicorns.

The infamous ShinyHunters hackers have targeted customer-managed Gainsight-published applications to steal data from Salesforce instances.

Thailand’s Cyber Crime Investigation Bureau said an FBI tip that the “world-class hacker” was traveling to Thailand led to his arrest in Phuket.

The Android malware is in development and appears to be mainly aimed at users in Europe.

The AI-native social engineering defense (SED) platform will accelerate product innovation and expand its offerings.

A Chinese threat actor is exploiting known vulnerabilities in discontinued Asus devices in an Operational Relay Box (ORB) facilitation campaign.

Media Land, Hypercore, and their leadership and employees are allegedly connected to various cybercriminal activities.

Researchers demonstrated a now-patched vulnerability that could have been used to enumerate all WhatsApp accounts.

A proof-of-concept (PoC) exploit targeting the high-severity remote code execution (RCE) bug exists.