Fake Gitcode and DocuSign sites are tricking users into running PowerShell scripts that install NetSupport RAT.

Then a couple of weeks ago, ESET noted that APT28 had leveraged cross-site scripting (XSS) vulnerabilities in various webmail servers such as Roundcube, Horde, MDaemon, and Zimbra to harvest ...

A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to ...

Google fixed CVE-2025-5419 in Chrome after detecting active exploitation, affecting all platforms using V8 engine.

Google Chrome to Distrust Chunghwa and Netlock TLS Certificate Authorities Over Repeated Compliance Failures and Behavioral ...

Microsoft and CrowdStrike map over 80 threat actors to reduce naming confusion and help analysts respond faster.

To that effect, the U.S. Department of Justice (DoJ) said it seized four domains and their associated server facilitated the ...

Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web ...

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and ...

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, ...

Government agencies are continuously targeted by advanced persistent threats (APTs) from nation-state adversaries, requiring ...

Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called ...