The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix ...

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.

UpCrypter phishing since Aug 2025 uses fake voicemails, RAT payloads, and anti-analysis, hitting global industries.

Transparent Tribe targets Indian government using weaponized .desktop files since 2022, enabling persistence and credential ...

Traditional tools fail; Keeper CEO highlights zero trust, least privilege, and AI automation reshaping defense.

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for ...

UNC6384 is assessed to share tactical and tooling overlaps with a known Chinese hacking group called Mustang Panda, which is also tracked as BASIN, Bronze President, Camaro Dragon, Earth Preta, ...

The details are transmitted to a threat actor-controlled Telegram bot named "@sshZXC_bot" (ssh_bot) via the API, which then ...

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.

Phishing emails with RAR archives exploit Linux filename injection to deliver VShell backdoor, bypassing antivirus defenses ...

ClickFix attacks deliver CORNFLAKE.V3 backdoor via fake CAPTCHAs, enabling multi-payload delivery and persistence since Sept ...

Murky Panda exploited Citrix CVE-2023-3519 and Commvault CVE-2025-3928 to deploy CloudedHope malware, enabling covert ...