LATEST

A recently released malicious package on the npm repository functions as a complete WhatsApp API. It has the capacity to link the attacker's device to the victim's WhatsApp account and interc

The n8n workflow automation platform has been found to have a serious security flaw. The vulnerability has a CVSS score of

LangChain Core has been found to have a serious security vulnerability. An attacker could use prompt injection to manipulate large language model (LLM) responses and steal confidential inform

Researchers reveal information about a recent campaign that made use of websites that distribute cracked software. The campaign makes use of a new iteration of the Count loader, a stealthy an

Customers of Amazon Web Services (AWS) have been the target of an ongoing campaign that uses compromised Identity and Access Management (IAM) credentials to facilitate cryptocurrency mining.

A maximum-severity zero-day vulnerability in Cisco's AsyncOS software has been made known to users. A China-nexus advanced persistent threat (APT) actor known as UAT-9686 has been actively us

A serious vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency. The vulnerability is known as a "embe

A security vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency. The vulnerability, known as CVE-2023

Jewelbug, a threat actor, has been concentrating more on European government targets. The cluster is being monitored by Check Point Research under the moniker Ink Dragon. It is estimated that

Kaspersky: An APT group connected to China tainted DNS queries in order to distribute the MgBot backdoor. The group primarily targeted particular victims with adversary-in-the-middle (AitM) a