Scattered Spider targets airlines with advanced social engineering and MFA bypass tactics. Industry must reassess identity ...

GIFTEDCROOK malware evolves in June 2025, shifting from browser data theft to targeting sensitive files in Ukraine.

Meta's new AI feature requests photo uploads from users for personalized suggestions, sparking privacy concerns.

China-linked hackers use compromised SOHO devices in espionage campaign, targeting Taiwan, the U.S., and Southeast Asia.

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and ...

The executable, as observed in prior Mustang Panda attacks, leverages DLL side-loading to launch a malicious DLL dubbed ...

Guest users in Entra ID may exploit billing roles to create and control subscriptions, escalating access undetected.

CISA adds 3 critical vulnerabilities to KEV catalog, affecting AMI MegaRAC, D-Link, and Fortinet, urging mitigations by July ...

Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.

The disclosure comes as Citrix patched a critical-rated security flaw in NetScaler (CVE-2025-5777, CVSS score: 9.3) that ...

ClickOnce is offered by Microsoft as a way to install and update Windows-based applications with minimal user interaction. It ...

New research shows 9% of Microsoft Entra SaaS apps are vulnerable to nOAuth abuse, allowing full account takeovers.