The details are transmitted to a threat actor-controlled Telegram bot named "@sshZXC_bot" (ssh_bot) via the API, which then ...

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose ...

INTERPOL’s Operation Serengeti 2.0 Arrests 1,209 Cybercriminals in Africa, Recovers $97.4M, Dismantles 11,432 Infrastructures ...

Murky Panda exploited Citrix CVE-2023-3519 and Commvault CVE-2025-3928 to deploy CloudedHope malware, enabling covert ...

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.

Phishing emails with RAR archives exploit Linux filename injection to deliver VShell backdoor, bypassing antivirus defenses ...

ClickFix attacks deliver CORNFLAKE.V3 backdoor via fake CAPTCHAs, enabling multi-payload delivery and persistence since Sept ...

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in ...

Specifically, the attack chain first uses CVE-2025-31324 to sidestep authentication and upload the malicious payload to the ...

Attackers exploit CVE-2023-46604 in Apache ActiveMQ, deploy DripDropper malware, then patch flaw to secure persistence.

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.

"The 'kill switch' code – which Lu named 'IsDLEnabledinAD,' abbreviating 'Is Davis Lu enabled in Active Directory' — was ...