The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

LiteLLM 1.82.7–1.82.8 supply chain attack exposed 33,185 secrets across 6,943 machines, leaving 3,760 valid credentials ...

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice Your email has been sent Google’s AI agent Big Sleep identified the critical vulnerability CVE-2025-6965 before cybercriminals could ...

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

iPhone users should be on alert: DarkSword spyware has been posted in the wild. Credit: Cheng Xin/Getty Images DarkSword, the web-based hacker tool that can be used to steal data from millions of ...

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability within 20 hours, working only from the advisory description. The bug, CVE-2026 ...

A hot potato: For more than a decade, the Xbox One stood as a remarkable exception in console security – a machine long considered impervious to hacking attempts. That reputation is now over. At the ...

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

Apple has detailed the security content for iOS 16.7.15, iOS 15.8.7, iPadOS 16.7.15, and iPadOS 15.8.7, confirming that the updates address the Coruna vulnerability disclosed last week by Google and ...

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...