Discover the recent supply chain compromise of the popular GitHub Action, tj-actions/changed-files, tracked as CVE-2025-30066. Learn about the vulnerability, its impact, and the necessary mitigatio...

Learn about the recent supply chain attack targeting GitHub Actions and the urgent steps needed to secure your secrets from potential leaks due to CVE-2025-30066.

Discover how 11 state-sponsored hacking groups have exploited a critical Windows zero-day vulnerability for data theft and cyber espionage since 2017. Learn about the ongoing cybersecurity threats ...

TL;DR Microsoft discovered a new remote access trojan (RAT) named StilachiRAT, which employs advanced techniques for stealth, persistence, and data theft. The malware targets browser credentia...

TL;DR Cybersecurity researchers have discovered a new supply chain attack called the “Rules File Backdoor.” This attack targets AI-powered code editors, such as GitHub Copilot and Cursor, allowing ...

Discover the latest critical vulnerability in AMI's MegaRAC BMC software that allows attackers to bypass authentication and execute severe post-exploitation actions.

Discover how a sophisticated ad fraud campaign has infiltrated 331 apps on the Google Play Store, affecting millions of users with aggressive ads and phishing schemes.

Discover how nation-state actors and cybercrime gangs exploit malicious .lnk files for espionage and data theft, leveraging a critical Windows vulnerability. Learn about the impact and how to prote...

TL;DR Microsoft has issued a warning about a new remote access trojan (RAT) called StilachiRAT. This malware uses advanced techniques to avoid detection and steal sensitive data, including browser ...

Explore how an eight-year-old Microsoft shortcut vulnerability has been exploited by nation-states for spying, and why Microsoft hasn't prioritized a fix.