Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from ...
IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now ...
The U.S. Treasury has removed three individuals linked to Intellexa and Predator spyware from its sanctions list, without ...
A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...
A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...
Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote ...
AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for ...
A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...
This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback