Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading ...

Void Blizzard targeted over 20 NGOs using credential phishing via fake Entra logins, exfiltrating sensitive cloud data.

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...

Luna Moth uses spoofed IT domains and callback phishing to access law firm data, bypassing detection with legitimate tools.

TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools ...

Download the full CISO's guide here. Website Privacy Validation tools shift privacy from reactive to proactive by ...

The Zscaler ThreatLabz 2025 Phishing Report dives deep into the rapidly evolving phishing landscape and uncovers the latest ...

SafeLine WAF delivers 99.45% threat detection via semantic analysis + full self-hosted control + zero subscription fees.

Latrodectus malware evades detection with ClickFix technique; TikTok and fake Ledger apps expand threat reach.

Windows Server 2025 flaw allows any user with dMSA write permissions to escalate privileges and compromise AD.

UNC5221 exploited Ivanti EPMM flaws CVE-2025-4427/4428 in global attacks starting May 15, 2025, enabling remote access and ...