A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login ...

Warlock ransomware breached SmarterTools via unpatched SmarterMail, exploiting critical flaws to access Windows systems and deploy encryption payloads ...

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

Cybercriminals have found a lucrative niche in the shadow economy by trading stolen air miles for as little as 56p. A new investigation by NordVPN and travel eSIM provider Saily has exposed a massive ...

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...

Weeks after suffering a major exploit that drained over $110 million from its Balancer v2 vaults, Balancer DAO has begun discussing a plan to distribute roughly $8 million in recovered assets to ...

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...

Governments and private security sleuths warned that attackers are already exploiting a critical bug in Microsoft Windows Server Update Services, shortly after ...

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. While the ...