Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...

Microsoft' 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day ...

After noticing a spike in detections involving what looked like a movie torrent for One Battle After Another, Bitdefender researchers started an investigation and discovered that it was a complex ...

KB5072033 addresses vulnerabilities across Windows systems and Office applications—including one actively exploited zero-day.

A phishing campaign impersonating Booking.com is attempting to trick property partners into running malware on their ...

Microsoft is publishing a relatively light 54 new vulnerabilities this Patch Tuesday, which is significantly lower than we ...

Microsoft’s big December 2025 Patch Tuesday fixes 3 zero-day flaws and 57 other vulnerabilities.

Iran's top state-sponsored APT tried out some interesting evasion tactics in a recent spate of attacks, delving into Snake, ...

Fable Security researchers have uncovered a new risk targeting ChatGPT Atlas users: cybercriminals are now using the platform ...