Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

The Cybersecurity and Infrastructure Security Agency has released an updated Malware Analysis Report (MAR) revealing new findings on RESURGE, a highly sophisticated malware implant that exploits ...

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

China-linked UAT-9244 targets South American telecom networks with TernDoor, PeerTime, and BruteEntry malware on Windows, Linux, and edge devices.

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.

A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge ...

The Linux distribution KaOS 2026.02, released last week, brings a remarkable change: it is dropping support for KDE Plasma.

Just like algae blooms in the ocean and pollen in the spring, there’s been an explosion in the past year or two of new software, related tools and lingo from the IT and mainstream/consumer side. Some ...

UNC2814 historically targets governments and telcos A China-linked crew found a unique formula for attacking telcos and government orgs across the Americas, Asia, and Africa in its latest round of ...

Docker is a widely used developer tool that first simplifies the assembly of an application stack (docker build), then allows ...

The GRIDTIDE backdoor concealed its traffic within routine spreadsheet activity for years before Google shut down the operation last week.

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.