Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public…
A WhatsApp worm spread the Astaroth banking trojan across Brazil by automatically sending malicious messages to victims’ contacts. Astaroth, a…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog.…
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered…
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured…
Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released…
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are…
PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan.…
CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device.…
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A…
This website uses cookies.