ESET’s APT Activity Report Q2–Q3 2025 reveals an alarming surge in destructive cyber operations against Ukrainian infrastructure, driven by Russia-aligned threat actor Sandworm. The campaign, which unfolded...

A newly discovered ransomware strain, Midnight, has drawn attention from the security community for both its lineage and its unusual vulnerabilities. Identified by Gen...

Proofpoint researchers uncovered a new Iran-linked threat cluster, dubbed UNK_SmudgedSerpent, that conducted espionage-themed phishing operations targeting academics and foreign policy experts between June and...

A recent investigation uncovered a campaign that abuses malicious Visual Studio Code (VS Code) extensions to spread ransomware, leveraging GitHub repositories as part of...

When trusted developers make mistakes, the consequences can be catastrophic. Anthropic, one of the most prominent AI companies, published three official Claude Desktop extensions...

In a significant blow to the DeFi ecosystem, Check Point Research revealed that Balancer V2’s ComposableStablePool contracts were exploited on November 3, 2025, resulting...

A critical vulnerability affecting HTTP/2 implementations worldwide has emerged, allowing attackers to trigger devastating denial-of-service attacks by exploiting stream reset mechanisms. Tracked as CVE-2025-8671...

Researchers at Palo Alto Networks’ Unit 42 have uncovered a sophisticated malware family, Airstalk, deployed as part of a suspected nation-state operation tracked under...

A new campaign involving the ValleyRAT remote-access trojan (RAT) is targeting Chinese-language users and organizations with advanced evasion, privilege escalation, and environment-aware features that...

A security incident at SonicWall has been definitively linked to state-sponsored threat actors, according to findings from Mandiant, the leading cybersecurity incident response firm....