UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities ( KEV) catalog, based on evidence of active exploitation.

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Bitdefender GravityZone webinar shows how mid-market teams consolidate security tools to reduce complexity and improve ...

CVSS severity scores often mislead vulnerability prioritization when business context is ignored, leaving critical exposures ...

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

Anthropic’s Claude Opus 4.6 AI found 22 Firefox vulnerabilities, including 14 high severity, helping Mozilla patch flaws in Firefox 148.

Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an ...

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.