Threats

A significant portion, 68%, of actively serving phishing kits are being protected by Cloudflare, according to a new security report…

A sophisticated supply chain attack has been uncovered, leveraging a malicious Visual Studio Code (VSCode) extension to distribute potent malware.…

A newly identified feature in Anthropic’s Claude AI, named Claude Skills, presents a significant security vulnerability, potentially enabling adversaries to…

A critical vulnerability affecting the King Addons for Elementor WordPress plugin has been identified, putting over 10,000 active installations at…

On Thanksgiving eve, Microsoft Threat Intelligence analysts detected and blocked a large-scale phishing campaign orchestrated by a threat actor identified…

A stealthy malware campaign has targeted developers through the open-source Rust ecosystem, masquerading as a legitimate utility for verifying Ethereum…

A sophisticated malware named Shai-Hulud 2.0 has compromised over 30,000 GitHub repositories since its emergence on November 24, 2025, marking…

Hackers are employing a sophisticated phishing campaign that leverages the familiar interface of Calendly to steal Google Workspace account credentials.…

The decentralized finance (DeFi) sector was struck by a significant security incident on November 30, 2025, when hackers exploited a…

Threat actors are reportedly distributing a sophisticated remote access trojan (RAT) known as K.G.B RAT, which boasts advanced detection evasion…

A new phishing campaign is actively targeting organizations, leveraging a deceptive “Executive Award” theme to deliver the potent Stealerium malware.…

MuddyWater, an Iran-aligned cyberespionage group also known as Mango Sandstorm, has escalated its operations with a new, sophisticated campaign targeting…