HTTPBot, first spotted in the wild in August 2024, gets its name from the use of HTTP protocols to launch distributed ...

Remcos RAT deployed via fileless PowerShell attacks using LNK files and MSHTA.exe, evades disk-based defenses.

AI classification, zero trust, and centralized DLP drive stronger data protection and compliance in dynamic environments.

The hardware exploits, tracked as CVE-2024-28956 and CVE-2025-24495, can be used against Intel CPUs to leak kernel memory at ...

Chrome flaw CVE-2025-4664 enables cross-origin data leaks; active exploit confirmed; update to 136.0.7103.113.

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, ...

It's worth noting that CVE-2025-4632 is a patch bypass for CVE-2024-7399, another path traversal flaw in the same product ...

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

Fortinet patched CVE-2025-32756, a zero-day flaw exploited in FortiVoice systems, risking remote code execution.

Austrian privacy non-profit noyb (none of your business) has sent Meta's Irish headquarters a cease-and-desist letter, ...

Separately, Ivanti has also shipped patches to contain an authentication bypass flaw in on-premise versions of Neurons for ...

Vulnerability exploitation rose 34% in 2025, revealing that compliance testing alone can't stop evolving threats.