State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.

"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...

Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...

The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...

In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...

While SaaS-based SIEMs are marketed as a natural evolution, they often fall short of their on-prem predecessors in practice.

Threat actors abuse Proofpoint and Intermedia link wrapping to deliver phishing emails and steal Microsoft 365 credentials.

UNC2891 used a 4G Raspberry Pi and Linux rootkits to breach ATM networks, exposing flaws in banking infrastructure.

SentinelOne boosts enterprise cyber defense with AI-powered endpoint security, cutting response time and risk across ...

Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to ...