Unraveling the Cascading Supply Chain Attack: GitHub Action Hack Exposed
Discover how a GitHub Action compromise triggered a cascading supply chain attack, exposing CI/CD secrets and highlighting the importance of cybersecurity vigilance.
Discover how a cyber extortion group, Ox Thief, resorted to threatening to contact Edward Snowden if their ransom demands weren't met, highlighting the desperation in the ransomware landscape.
TL;DR A critical vulnerability in Apache Tomcat is being actively exploited, allowing attackers to execute remote code and access sensitive files with a single PUT request. This flaw highlights the...
TL;DR A severe vulnerability in AMI’s MegaRAC BMC software puts servers at risk of being hijacked or permanently disabled. This flaw allows attackers to exploit vulnerable systems, leading to poten...
TL;DR CISA has released seven crucial advisories regarding Industrial Control Systems (ICS) vulnerabilities. These advisories address security issues in systems from Schneider Electric, Rockwell A...
Explore the recent developments at CISA as they rehire and bench security staff on full pay, highlighting the agency's strategic moves in cybersecurity management.
Learn about the latest vulnerabilities added to CISA's Known Exploited Vulnerabilities Catalog and their implications for cybersecurity.
Discover the latest cyber espionage operation by China-linked MirrorFace, targeting a diplomatic organization in the EU with ANEL and AsyncRAT malware.
Discover how threat actors are exploiting a Server-Side Request Forgery (SSRF) flaw in ChatGPT to target U.S. financial and government organizations. Learn about the vulnerability, its impact, and ...
TL;DR The BADBOX 2.0 botnet has infected 1 million Android devices for ad fraud and proxy abuse. Four threat actors—SalesTracker Group, MoYu Group, Lemon Group, and LongTV—are involved. Intr...