Security Intelligence

FamousSparrow hatches two new backdoor variants in latest campaign

China-linked threat actor FamousSparrow targets U.S. trade association, Mexican research institute with enhanced...

Security Intelligence

140 online platforms targeted by new Atlantis credential stuffer

New cybercrime platform called 'Atlantis AIO' that offers automated credential stuffing services targeting 140 online...

Security Intelligence

'Immersive World' AI chatbot jailbreak technique no fantasy

New 'Immersive World' AI jailbreak technique exploits LLM storytelling capabilities to bypass their safety restrictions.

Security Intelligence

Ingress NGINX Kubernetes Controller vulnerabilities a ‘nightmare’ for impacted users

Five critical vulnerabilities, collectively termed 'IngressNightmare,' identified in the Ingress NGINX Controller for...

Security Intelligence

Flaws in DrayTek routers cause widespread internet disruption

DrayTek residential-grade routers experience widespread disruptions, ISPs speculating faulty software update,...

Security Intelligence

New ‘VanHelsing’ Raas hunts your data, not vampires

New VanHelsing RaaS emerges to claim three victims since its inception on March 7, 2025.

Security Intelligence

Leaked Black Basta chat reveals possible connection with Russian authorities

Leaked Black Basta chat logs reveal potential connections between the cybercriminal organization and Russian...

Security Intelligence

Another critical deserialization flaw found in Veeam backup

Veeam releases update to address critical vulnerability in Backup & Replication (VBR) software could allow remote code...

Security Intelligence

Microsoft reluctant to patch Windows zero-day exploited by nation-state hackers

At least 11 state-sponsored hacking groups have been exploiting a Windows zero-day vulnerability, tracked as...

Security Intelligence

New ‘StilachiRAT’ found scurrying in crypto wallets

Microsoft identifies new, sophisticated remote access trojan (RAT) dubbed StilachiRAT.

Security Intelligence

Meow-ware alert: Attackers pounce on Tomcat flaw

Critical RCE flaw discovered in Apache Tomcat, allowing attackers to gain complete control over servers using a simple...

Security Intelligence

Another threat actor uses ‘ClickFix’ technique to deploy malware

An unknown threat actor has been observed leveraging social engineering tactic ClickFix to distribute the open-source...