KadNap botnet infects 14,000+ routers using DHT-based P2P control while ClipXDaemon hijacks crypto wallets on Linux X11.

Attack surface exposure leaves services reachable as exploits appear within 24–48 hours after disclosure, increasing breach risk.

APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.

Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.

Nine “LeakyLooker” flaws in Google Looker Studio allowed cross-tenant SQL access across GCP services before being patched.

Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted vishing campaigns.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities ( KEV) catalog, based on evidence of active exploitation.

UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Bitdefender GravityZone webinar shows how mid-market teams consolidate security tools to reduce complexity and improve ...

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.