Code Defence

Attackers are exploiting a zero-day spoofing vulnerability in SharePoint Server to falsify internal corporate communications and facilitate high-fidelity phishing. This […]

A critical prototype pollution vulnerability in the world most popular PDF reader was weaponized months before its public disclosure. This

A professionalized vishing-as-a-service platform is utilizing AI voice synthesis to automate credential harvesting at an industrial scale. This platform removes

Unauthenticated attackers are actively weaponizing a critical SQL injection flaw in your endpoint management infrastructure to execute unauthorized code. Today

A 17-year-old remote code execution vulnerability in the Microsoft Office Excel engine has been resurfaced for use in modern ransomware

A high-severity privilege escalation vulnerability in the Windows security subsystem has been patched following the public release of functional exploit

A critical prototype pollution vulnerability in the world most popular PDF reader was weaponized months before its public disclosure. This

Attackers are actively exploiting a critical spoofing vulnerability in Microsoft SharePoint Server to falsify internal communications and facilitate social engineering

A legacy vulnerability in the Microsoft Visual Basic for Applications engine is being resurfaced by threat actors to achieve unauthorized

A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.