Iranian hacker pleads guilty to Robbinhood ransomware attacks causing $19M+ in losses, crippling U.S. cities via BYOVD and ...

In March 2024, the DoJ indicted seven hackers associated with APT31, accusing them of engaging in sweeping cyber espionage ...

PumaBot hijacks Linux IoT devices via SSH brute-force, fakes Redis services, and mines crypto using stealthy rootkits.

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited ...

Amazon-hosted IPs scanned 75 tech targets on May 8 in a one-day exploit surge, showing orchestrated cloud-based recon.

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more ...

Mimo exploits CVE-2025-32432 in Craft CMS days after disclosure, deploying cryptominer and proxyware for monetization.

The attack works by targeting session tokens. This enables the attackers to subvert even multi-factor authentication (MFA); ...

Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading ...

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...

Luna Moth uses spoofed IT domains and callback phishing to access law firm data, bypassing detection with legitimate tools.

TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.