CISA Flags Actively Exploited Gogs Vulnerability With No Patch
A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution
Information Security Magazine
SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT
1 month ago
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques
Phishing Scams Exploit Browser-in-the-Browser Attacks to Steal Facebook Passwords
1 month ago
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
1 month ago
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments
Parliament Asks Security Pros to Shape Cyber Security and Resilience Bill
1 month ago
Lawmakers want the security industry to help them scrutinize the Cyber Security and Resilience Bill
Global Magecart Campaign Targets Six Card Networks
1 month ago
Silent Push has discovered a new Magecart campaign targeting six major payment network providers that has been running since 2022
Palo Alto Networks Introduces New Vibe Coding Security Governance Framework
1 month ago
Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools
CISA Closes Ten Emergency Directives After Federal Cyber Reviews
1 month ago
US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk
California Shuts Down Health Data Resales By Unregistered Brokers
1 month ago
California privacy regulator, the CPPA, is cracking down on data brokers trading personal data without authorization
World Economic Forum: Cyber-fraud overtakes ransomware as business leaders' top cyber-security concern
1 month ago
“Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026
Illicit Crypto Activity Hits Record $158bn in 2025
1 month ago
TRM Labs says illegal crypto flows into digital wallets increased to $158bn in 2025
BreachForums Database Leak Turns the Tables on Threat Actors
1 month ago
A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online
Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested
1 month ago
Europol-backed operation targets group behind numerous BEC attacks and romance scams
World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks
1 month ago
Researchers at the World Economic Forum have shown that threat actors can use commercial deepfake tools to bypass corporate security protections
AI-Powered Truman Show Operation Industrializes Investment Fraud
1 month ago
Check Point has uncovered a vast, AI-powered scam operation dubbed the “Truman Show”
FBI Warns of North Korean QR Phishing Campaigns
1 month ago
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns
GoBruteforcer Botnet Targets Linux Servers
1 month ago
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL
New Zero-Click Attack Lets ChatGPT User Steal Data
1 month ago
Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features
China-Linked UAT-7290 Targets Telecom Networks in South Asia
1 month ago
A long-term cyber-espionage campaign targeting South Asia's telecom firms has been linked to UAT-7290
Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users
1 month ago
Misconfigurations abused to make phishing emails look like they come from within the organization
Checked
10 hours 44 minutes ago