Scattered Spider targets airlines with advanced social engineering and MFA bypass tactics. Industry must reassess identity ...

Meta's new AI feature requests photo uploads from users for personalized suggestions, sparking privacy concerns.

China-linked hackers use compromised SOHO devices in espionage campaign, targeting Taiwan, the U.S., and Southeast Asia.

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and ...

Guest users in Entra ID may exploit billing roles to create and control subscriptions, escalating access undetected.

CISA adds 3 critical vulnerabilities to KEV catalog, affecting AMI MegaRAC, D-Link, and Fortinet, urging mitigations by July ...

Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.

The disclosure comes as Citrix patched a critical-rated security flaw in NetScaler (CVE-2025-5777, CVSS score: 9.3) that ...

ClickOnce is offered by Microsoft as a way to install and update Windows-based applications with minimal user interaction. It ...

New research shows 9% of Microsoft Entra SaaS apps are vulnerable to nOAuth abuse, allowing full account takeovers.

Hackers target Microsoft Exchange servers worldwide, injecting keyloggers to steal credentials from victims in 26 countries.

Contagious Interview, first publicly documented by Palo Alto Networks Unit 42 in late 2023, is an ongoing campaign undertaken ...