A well-known advanced persistent threat group called SideWinder has launched a highly targeted phishing campaign against...
A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks t...
The Cybersecurity and Infrastructure Security Agency (CISA) has released a critical alert regarding a severe software su...
A critical vulnerability in the SGLang inference server that allows threat actors to execute arbitrary code. Tracked as...
A massive malware campaign known as “StealTok” involves at least 12 interrelated browser extensions. These extensions ma...
Artificial intelligence is reshaping cybercrime in ways that defenders can no longer treat as distant or theoretical. Ne...
A new ransomware-as-a-service (RaaS) operation known as “The Gentlemen” has emerged as a serious threat to corporate net...
A real-world intrusion campaign leveraging publicly available Nightmare-Eclipse privilege escalation tooling, BlueHammer...
More than 6,000 internet-exposed Apache ActiveMQ instances are still vulnerable to CVE-2026-34197. This newly tracked se...