CrushFTP flaw CVE-2025-54309 exploited in wild, giving attackers admin access. Older builds before July 1 are at high risk ...

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign.

This article discusses why IT leaders must think beyond backup and embrace cyber resilience to survive and thrive in the ...

A new attack uses CVE-2021-41773 in Apache HTTP Server to install a cryptocurrency miner via compromised websites.

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 ...

CVE-2025-0282 is a critical security flaw in ICS that could permit unauthenticated remote code execution. It was addressed by Ivanti in early January 2025. CVE-2025-22457, patched in April 2025, ...

"The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open ...

APT28 targets Ukrainian government officials with a phishing campaign delivering LAMEHUG malware, utilizing Alibaba Cloud’s ...

Critical NVIDIA vulnerability CVE-2025-23266 impacts 37% of cloud services, allowing privilege escalation and data tampering.

Europol dismantles NoName057(16), a Russian group behind DDoS attacks, arresting two and targeting over 1,000 supporters.

Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act | Read more hacking news on The ...

The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen ...