CYBER ATTACK

SILENTCONNECT is a new type of multi-stage malware loader that has been quietly attacking Windows computers since at least March 2025 This article.

A hacker linked to the Russian government has targeted a Ukrainian government agency with a cyberattack that takes advantage of a cross-site scripting.

Seqrite Labs has found a very specific phishing campaign called "Operation GhostMail." The attack took advantage of a Cross-Site Scripting (XSS) flaw in.

The Jenkins project has sent out a critical security warning about several flaws in its core automation server and the LoadNinja plugin. These flaws make.

Atlassian has fixed a serious remote code execution (RCE) flaw in its Bamboo Data Center platform, which is a popular tool for continuous integration and.

CISA has sent out an urgent warning to businesses about a serious zero-day vulnerability in Cisco Secure Firewall Management Center (FMC) and Cisco.

Authorities Mess Up IoT Authorities have successfully taken down the command-and-control (C2) networks that run four huge Internet of Things (IoT) botnets.

Aura, a company that provides digital security, has confirmed that a targeted social engineering attack led to a data breach that affected about 900,000.

Apex AI Penetration Testing Agent Apex is an AI-powered penetration testing agent that can work on its own and test live apps in black-box mode. It.

Threat actors sometimes make mistakes in operational security that put their whole work environment at risk This article explores relay infrastructure.

Discover how The Python Package Index (PyPI) has found a malicious Python package called pyronut that pretends to be the popular pyrogram framework and.

Discover how Horabot, a well-known banking trojan, is back in an active campaign that is targeting users all over Mexico. It uses a multi-stage infection.

Claude Vulnerabilities Steal Private Information and Send Users to Bad Websites Three linked flaws in Claude.ai, Anthropic's popular AI assistant, let.

The U.S This article explores misuse endpoint management. . Cybersecurity and Infrastructure Security Agency (CISA) has sent out a new warning telling.

WaterPlum, a hacking group linked to North Korea, has released a new piece of malware called StoatWaffle This article explores waterplum hacking group.

In December 2025, security researchers at Zscaler ThreatLabz found a new command-and-control (C2) framework implant called SnappyClient This article.

Discover how A new piece of malware called SnappyClient is a big threat to Windows users. It combines remote access, data theft, and advanced evasion.

As hackers focus more on network infrastructure instead of traditional endpoints, the attack surface of businesses is changing quickly. Researchers in the.

A joint US-Israeli military operation began strikes inside Iran on February 28, 2026 This article explores world cyber escalation. . This started a huge.

Discover how A threat actor with ties to Iran has had their entire working infrastructure exposed after carelessly leaving an open directory on their own.

Hackers are using poorly set up OpenWebUI servers to spread AI-generated payloads that steal credentials and mine cryptocurrency on both Linux and Windows.

Security researchers have revealed a serious multi-stage attack chain that affects Anthropic's Claude.ai platform This article explores redirect.

CISA warns that Microsoft SharePoint is vulnerable to attacks A serious security hole in Microsoft SharePoint has been found to be actively used, and on.

A well-known code editor extension on the Open VSX registry was found to have hidden malware that quietly downloads and runs a remote access trojan (RAT).

UIDAI Bug Bounty Program Makes Aadhaar More Secure The Unique Identification Authority of India (UIDAI) has officially started its first organized Bug.

The Unique Identification Authority of India (UIDAI) has started its first structured bug bounty program as part of its ongoing work to make the Aadhaar.

ConnectWise has sent out an urgent security alert for its ScreenConnect remote desktop software This article explores keys screenconnect vulnerability.

Another blow to network security. Two new types of malware have appeared that can quietly turn routers, IoT devices, and enterprise network equipment into.

LeakNet is a ransomware group that has been quietly working on a more dangerous way to attack This article explores leaknet ransomware. . The group used.

ForceMemo is a new malware campaign that is quietly hacking hundreds of GitHub accounts and adding hidden harmful code to Python repositories, leaving.