A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later.

Think you had a bad year? At least you didn't hire a North Korean, share war plans in the group chat, or DDoS yourself.

Amazon has quietly closed a serious security hole in Kindle devices that made it possible for attackers to hijack customer accounts simply by getting a malicious audiobook or e-book onto an e-reader.

A threat actor known as Zestix has been offering to corporate data stolen from dozens of companies likely after breaching ...

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...

Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...

Do not fall victim to this new attack. Here’s something new to worry about over the holidays. Android ransomware attacks have now started — yes, you read that right. Your phone is instantly locked ...

Senior Editor Arvind Ojha reports that the charge sheet names six individuals, including three Pakistani terrorists who were involved in the attack and later killed in 'Operation Mahadev'. The report ...

Ever since reporting earlier this year on how easy it is to trick an agentic browser, I've been following the intersections between modern AI and old-school scams. Now, there's a new convergence on ...

A new malware campaign using a Python-based delivery chain to deploy the emerging CastleLoader family has been discovered by cybersecurity researchers. According to Blackpoint, the activity revolves ...