ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.

The IT worker scheme, also tracked as Nickel Tapestry, Wagemole, and UNC5267, involves North Korean actors using a mix of ...

Gold Melody uses ASP.NET vulnerabilities for long-term access, impacting various industries across Europe and the U.S.

Chinese national Xu Zewei arrested in Milan for links to Silk Typhoon and cyber attacks on U.S. agencies, including Microsoft Exchange breaches ...

"Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a ...

Hackers are exploiting Shellter’s leaked Elite license to distribute Lumma Stealer, SectopRAT, and more. This affects ...

Anatsa banking malware targets North American users via Google Play, leading to credential theft and financial fraud ...

Russian organizations have been targeted by Batavia spyware in a phishing attack, exfiltrating documents and system info.

According to data compiled by Kaspersky, small- and medium-sized businesses (SMBs) are being increasingly targeted by cyber ...

First released by 7finney in 2022, Ethcode is a VS Code extension that's used to deploy and execute solidity smart contracts in Ethereum Virtual Machine ( EVM )-based blockchains. An EVM is a ...

Major retailers like Adidas and The North Face were breached using identity-driven tactics, exposing key security gaps.

CISA adds four critical vulnerabilities to its KEV list, with active exploitation confirmed. Federal agencies must update by ...