A ransomware intrusion has dismantled the 158-year-old UK transport company KNP Logistics after hackers exploited a single weak password to gain system access. The breach ...

Over 3500 websites have been silently compromised in a new browser-based cryptojacking operation. Researchers at c/side discovered hidden JavaScript that assesses a user’s system power ...

A fresh zero-day in Microsoft SharePoint, CVE-2025-53770, has erupted across on-prem environments. It’s impact: unauthenticated remote code execution (RCE) and full compromise of vulnerable servers. ...

A recent code-level revision in the Chromium runtime addresses several critical execution-layer flaws, among them CVE-2025-6558, which has been confirmed as being weaponized in uncontrolled ...

Authorities have broken up a Romania-based crew that had been quietly locking down network storage systems in Italy’s Lombardy region. The attackers targeted outdated NAS ...

Around mid-May 2025, Cloudflare neutralized 7.3 million DDoS events, down from Q1’s 20.5 million, which included a sustained 18-day barrage. Despite the volume drop, attack ...

Security researchers have found that leaked Laravel APP_KEYs can open the door to remote code execution in production environments. These 32-byte encryption keys, meant to ...

Gold Melody, also identified as TGRCRI0045, Prophet Spider, and UNC961, has been observed exploiting exposed ASP.NET machine keys to infiltrate enterprise networks. Access gained through ...

Hackers have been found misusing Shellter, a tool originally meant for ethical red teaming, to deliver Stealer malware. The vendor reported that a Shellter Elite ...

A recent malware campaign is manipulating search engine results to deliver a loader known as Oyster. Disguised domains mimicking trusted software sources like PuTTY and ...