More results...
A critical security vulnerability in Microsoft Azure’s API Connection architecture has been discovered that could allow attackers to completely compromise resources across different tenant environments, potentially exposing sensitive data stored …
The National Institute of Standards and Technology (NIST) has unveiled a comprehensive initiative to address the growing cybersecurity challenges associated with artificial intelligence systems through the release of a new concept paper and proposed ac…
A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side Request Forgery (SSRF) attack. The flaw, designated CVE-2025-9074, was patched in D…
A critical security vulnerability has been discovered in the widely-used sha.js npm package, exposing millions of applications to sophisticated hash manipulation attacks that could compromise cryptographic operations and enable unauthorized access to s…
The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial network access. This campaign, observed in mid…
The PromptFix attack tricks AI browsers with fake CAPTCHAs, leading them to phishing sites and fake stores where…
Cyber spies associated with the threat actor group Paper Werewolf have demonstrated advanced capabilities in bypassing email security filters by delivering malware through seemingly legitimate archive files, a tactic that exploits the commonality of su…
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), the FBI and Cisco warned on Wednesday. “…
Kali Linux has announced a major overhaul of its Vagrant virtual machine distribution system, transitioning from HashiCorp’s Packer to the DebOS build system for creating pre-configured command-line accessible VMs. This strategic shift unifies Ka…
Mozilla has released Firefox 142 to address multiple critical security vulnerabilities that could enable remote attackers to execute arbitrary code on affected systems. The Mozilla Foundation Security Advisory 2025-64, announced on August 19, 2025, det…