The sophisticated supply chain attack on the Axios library has been confirmed as the result of a targeted social engineering […]
North Korean UNC1069 used social engineering to hijack Axios npm distribution Read More »
Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability
Active exploitation of Citrix NetScaler memory disclosure flaw surging globally Read More »
The major data exfiltration event impacting the European Commission cloud infrastructure has been formally traced to the compromise of a
European Commission breach linked to TeamPCP Trivy supply chain compromise Read More »
The North Korea-nexus threat actor UNC1069 successfully compromised the distribution channel for Axios‚ the most popular JavaScript HTTP client library.
UNC1069 North Korea-nexus actor compromises Axios npm package distribution Read More »
Today marks the final remediation deadline for a series of high-impact vulnerabilities that allow for remote code execution and session
Final CISA deadline for critical Apple WebKit and Laravel Livewire vulnerabilities Read More »
A critical vulnerability in the TrueConf video conferencing client is being actively exploited to download and execute malicious code without
CISA adds TrueConf Client code integrity flaw to KEV following active exploitation Read More »
The Interlock ransomware group is systematically exploiting a critical root-level code execution flaw in firewall management infrastructure. This campaign bypasses
Interlock ransomware weaponizes Cisco Secure FMC RCE for edge-device intrusions Read More »
A newly disclosed flaw dubbed PolyShell allows attackers to take full control of e-commerce sites. 🐚 Vulnerability Alert · Impacting
Critical Adobe Commerce PolyShell flaw allows unauthenticated takeover. 🐚 Read More »
A critical buffer overflow in Safari and iOS is being actively exploited to compromise mobile devices. 📱 CVE-2025-31277 · Severity
CISA adds critical Apple WebKit buffer overflow to KEV catalog today. 📱 Read More »
The FBI has struck back against the threat actors who crippled one of the largest medical technology firms. 🛡️ Enforcement
FBI seizes domains of Iran-linked group behind Stryker wiper attack. 🛡️ Read More »
