Cybersecurity

Google has patched a critical Android flaw under active exploitation, identified as CVE-2025-48595.The vulnerability allows local privilege escalation without user interaction and impacts Android...

The Pakistan-aligned SideCopy group deployed a sophisticated spear-phishing campaign codenamed Operation XENOFISCAL against Afghanistan's Ministry of Finance.The attackers used a malicious ZIP archive containing...

Dashlane disclosed a brute-force attack where encrypted vaults for fewer than 20 personal plan users were downloaded.The attack, launched on May 31, 2026, aimed...

A new supply chain attack campaign called Miasma has compromised multiple official @redhat-cloud-services npm packages.The malware steals credentials and secrets from developer machines to...

A China-aligned cyber espionage campaign, Operation Dragon Weave, has targeted officials and citizens in the Czech Republic and Taiwan.The attackers used spear-phishing emails to...

A critical vulnerability (CVE-2026-8732) in the WP Maps Pro WordPress plugin allows attackers to create admin accounts.The flaw affects versions prior to 6.1.1 and...

Dutch authorities dismantled a massive botnet of at least 17 million infected devices.The botnet's backend infrastructure included over 200 servers based in the Netherlands.The...

A threat actor used an LLM agent to automate post-exploitation actions after breaching a public-facing Marimo notebook via the critical CVE-2026-39987 vulnerability.The automated agent...