-
Attackers targeted admin accounts, and once authenticated, exported device configurations including hashed credentials and other sensitive information. Read More
-
Anthropic proves that LLMs can be fairly resistant to abuse. Most developers are either incapable of building safer tools, or unwilling to invest in doing so. Read More
-
The remote access Trojan lets an attacker remotely control a victim’s phone and can generate malicious apps from inside the Play Store. Read More
-
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local privilege escalation that arises as a result of insufficient authorization in the appliance management…
-
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab. “Kimwolf is a botnet compiled using the NDK [Native Development…
-
But media reports described the attack as causing major disruption to PDVSA, the state-owned oil and natural gas company. Read More
-
Amazon detailed a long-running campaign by Russia against critical infrastructure organizations, particularly in the energy sector. Read More
-
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper Read More
-
_AlexPhotoStock_alamy.png?width=1280&auto=webp&quality=80&disable=upscale)
Urban VPN Proxy, which claims to protect users’ privacy, collects data from conversations with ChatGPT, Claude, Gemini, Copilot and other AI assistants. Read More
-
Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week. Read More