Cybersecurity

Cisco has patched a critical server-side request forgery vulnerability, CVE-2026-20230, in its Unified Communications Manager and Session Management Edition.The flaw allows an unauthenticated attacker...

A China-linked cybercrime group, TA4922, has expanded its phishing campaigns to target organizations across Europe.The group employs a rapidly evolving arsenal of malware, including...

A major U.S.-led crackdown disrupted over 1.4 million social media accounts and froze $3.8 million in cryptocurrency tied to transnational fraud.The "Disruption Week" operation...

A researcher bypassed Google’s security updates for its Gemini voice assistant on Android using a technique called Fake Context Alignment.The exploit allowed a single...

A critical vulnerability in Microsoft Visual Studio Code's GitHub.dev web editor allows attackers to steal a user's full-access GitHub token with a single click.The...

An unpatched vulnerability in the Windows search URI handler can leak a user's sensitive NTLMv2 authentication hash.The flaw allows attackers to capture hashes via...

Google has patched a critical Android flaw under active exploitation, identified as CVE-2025-48595.The vulnerability allows local privilege escalation without user interaction and impacts Android...

The Pakistan-aligned SideCopy group deployed a sophisticated spear-phishing campaign codenamed Operation XENOFISCAL against Afghanistan's Ministry of Finance.The attackers used a malicious ZIP archive containing...