A targeted malware campaign aimed at Pakistan’s government-linked security infrastructure has exposed how threat actors are combining social engineering, obfuscated code and trusted online services to ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Apple has released a new iPhone update — that has taken many by surprise — to address a vulnerability that was recently ...

None ...

The liquid restaking protocol said the compromised verifier was LayerZero's own infrastructure, and the setup it was faulted ...

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

A zero-click exploit called DarkSword can silently compromise older iPhones through Safari with no user action. Devices on ...

RedSun exploit targets Microsoft Defender zero-day, granting SYSTEM access on fully patched Windows systems with no patch ...

The barrier to connecting minor vulnerabilities into a full system compromise has been lowered. Read more at straitstimes.com ...

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...