M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.
"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
Drift lost $285M on April 1, 2026 after nonce-based social engineering enabled admin takeover, exposing DPRK-linked crypto ...
AI extensions after DeepSeek block at U.S. law firm, routing traffic to China servers, exposing compliance risk.
The activity begins with the attackers distributing malicious VBS files via WhatsApp messages that, when executed, create ...
Third parties cause 30% of breaches in 2025, with $4.91M average costs, driving $18.7B TPRM growth by 2030 and stricter ...
UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.
Google expands Android developer verification globally after September rollout, adding authentication and delays to ...
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results