Trend Micro Apex One Directory Traversal Flaw Actively Exploited in Targeted Attacks
Trend Micro has confirmed at least one in the wild exploit attempt against a directory traversal vulnerability in its Apex One enterprise security platform, prompting CISA to order federal agencies to patch within three weeks.
The Latest
Google Accidentally Publishes Details of Unfixed Chromium Bug Allowing Silent JavaScript Execution
Google's accidental publication of an unfixed Chromium flaw allows JavaScript to run silently in browsers even after they are closed,…
Unlocking Hidden Attack Surface: Testing Windows Drivers Without Their Hardware
A new methodology shows how to test Windows kernel driver vulnerabilities for exploitability without requiring the specific hardware the driver…
International Operation Shuts Down VPN Service Used by Two Dozen Ransomware Groups
A VPN service advertised on Russian cybercrime forums as a way to hide from police has been taken offline in…
Anthropic’s Claude Mythos AI Uncovers Thousands of Critical Flaws in Key Software
Anthropic's Claude Mythos Preview AI identified over 10,000 high-severity flaws in critical software, with 97 findings already patched upstream.
Critical Flaw in Nginx Web Server Allows Code Execution Via Heap Overflow
A new heap overflow vulnerability in NGINX allows unauthenticated remote attackers to crash worker processes or execute arbitrary code.
The Rise of Crypto Drainer Services: How Thieves Empty Wallets Without Hacking Devices
Modern crypto drainer operations have evolved into structured affiliate programs that steal assets by tricking users into approving malicious blockchain…
Italian Police Dismantle Streaming Piracy App That Stole Legitimate Credentials
Italian police seized servers and fined subscribers in a major crackdown on a pirate streaming app that hijacked legitimate platform…
Flipper One Seeks Community Developers for Open Linux Hardware Platform
Flipper Devices is asking developers and engineers to help build its new portable ARM Linux computer, which is designed for…
GitHub Tightens npm Security with Staged Publishing and Install Source Controls
GitHub now requires human approval with 2FA for npm package publications and gives developers granular control over package install sources.
North Korean Attackers Abuse Hugging Face to Spread Malicious npm Packages
A North Korean linked threat actor uses Hugging Face's trusted platform to host malware and exfiltrate stolen data from developer machines infected through malicious npm packages.
Backdoored art-template npm Package Turns Websites into iOS Exploit Delivery Points
The compromised art-template npm package silently injected a Coruna exploit kit into web applications, targeting iOS users with a watering…
Why Chargebacks Only Tell Part of the Fraud Story
Fraud prevention teams that focus solely on chargeback rates miss hidden costs from account takeovers, false positives, and operational drag…
Calypso Group Deploys Cross Platform Malware Against Telecom Providers
The campaign leverages Showboat Linux malware and JMFBackdoor Windows implant for long term espionage against telecom networks.
Spotlight
Apple Rejects Over 2 Million Apps and Blocks Billions in Fraudulent Transactions in 2025
Apple blocked over $2.2 billion in fraudulent App Store transactions in 2025, part of a six year total exceeding $11 billion.
Phishing Campaign Lures Ukrainian Officials with Fake Learning Platform Links
A Belarus aligned threat group is targeting Ukrainian government entities with phishing emails that trick victims into downloading malware disguised as a link to a learning platform.
INJ3CTOR3 Group Deploys Self Healing PHP Webshell in FreePBX Toll Fraud Campaign
The JOMANGY webshell uses six interconnected persistence layers that can each reconstruct the others, making infections resistant to cleanup even after patching.
Canadian National Charged for Operating Kimwolf DDoS Botnet
A 23 year old Canadian man has been arrested for operating the Kimwolf botnet, which infected unsecured devices like digital photo frames to launch massive DDoS attacks on global targets.
Features
Two Actively Exploited Flaws Added to CISA Known Vulnerabilities Catalog
CISA adds two actively exploited flaws to its KEV catalog, including a critical Langflow vulnerability exploited by Iranian state hackers…
Signed Lenovo Driver Exploited to Kill Security Software
A legitimate signed Lenovo driver contains a security flaw that lets low privileged users terminate any process, including EDR and…
New Phishing Service Kali365 Targets Microsoft 365 Tokens to Evade MFA
The FBI warns that the Kali365 phishing platform captures OAuth tokens through Microsoft's legitimate device code flow, allowing attackers to…
Microsoft Revamps Edge Password Security After Criticism
Microsoft is rolling out a change to Edge that prevents saved passwords from remaining in plaintext memory throughout the browsing…
Microsoft Takes Down Certificate Fraud Ring That Signed Malware for Criminals
Microsoft dismantled Fox Tempest, a malware signing service that used fraudulently obtained certificates to help cybercriminals bypass security controls.
Active Attacks Target cPanel Flaw to Install Filemanager Backdoor
Threat actors are actively exploiting a critical cPanel authentication bypass flaw to drop a cross-platform backdoor and steal credentials from…