Cybersecurity

A new Chinese-linked threat cluster, OP-512, is deploying a sophisticated custom web shell framework on Microsoft IIS servers to conduct cyber espionage.The group uses...

A critical vulnerability (CVE-2026-3300) in the Everest Forms Pro WordPress plugin is being actively exploited for remote code execution, compromising sites with about 4,000...

Cisco has patched a critical server-side request forgery vulnerability, CVE-2026-20230, in its Unified Communications Manager and Session Management Edition.The flaw allows an unauthenticated attacker...

A China-linked cybercrime group, TA4922, has expanded its phishing campaigns to target organizations across Europe.The group employs a rapidly evolving arsenal of malware, including...

A major U.S.-led crackdown disrupted over 1.4 million social media accounts and froze $3.8 million in cryptocurrency tied to transnational fraud.The "Disruption Week" operation...

A researcher bypassed Google’s security updates for its Gemini voice assistant on Android using a technique called Fake Context Alignment.The exploit allowed a single...

A critical vulnerability in Microsoft Visual Studio Code's GitHub.dev web editor allows attackers to steal a user's full-access GitHub token with a single click.The...

An unpatched vulnerability in the Windows search URI handler can leak a user's sensitive NTLMv2 authentication hash.The flaw allows attackers to capture hashes via...