Critical analysis of a mass WordPress plugin exploit. Attackers use auth bypass flaws in GutenKit & Hunk Companion to install backdoors and achieve full site control....
How Lazarus Group lured European defense engineers with fake job offers, hijacked legitimate software, and stealthily stole critical drone manufacturing secrets to fuel North Korea's military ambitions...
Cursor and Windsurf IDEs harbor 94 unpatched Chromium vulnerabilities, exposing developers to arbitrary code execution via outdated components. Update urgently....
Ghost in the machine! Operation Zero Disco hijacks Cisco switches via a critical SNMP flaw, installing an undetectable rootkit for total, persistent control. Patch now...
TigerJack's malicious VS Code extensions, like C++ Playground & HTTP Format, steal source code, mine cryptocurrency, & plant backdoors. Learn how this ongoing supply chain attack threatens developers & how to protect your environment....
Critical Oracle E-Business Suite flaws CVE-2025-61882 and CVE-2025-61884 were exploited by CL0P hackers in mass extortion attacks.
Active attacks exploit Gladinet CentreStack/Triofox zero-day (CVE-2025-11371). No patch available; apply LFI mitigation now.
Critical WordPress plugin flaw lets hackers takeover any site instantly. Zero-click attack underway. Patch to 6.1 now or get hacked.
Discord data breach via third-party vendor exposed 70,000 users' government IDs & personal data. Learn if you're affected and critical steps to secure your account now....
Discord's third-party breach exposes user data and government IDs. Your information remains at risk.
Sign up to our Weekley Threat Digest and keep apace of the trends shaping Cybersecurity.