Code Defence

At least 50 organizations, mostly in the US, have been compromised by attackers exploiting a critical flaw (CVE-2025-59287) in Windows […]

CISA has added a high-severity VMware vulnerability (CVE-2025-41244) to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation by China-linked

A new threat report indicates that nearly half of all organizations that pay a ransom to cybercriminals are unable to

Ribbon Communications, a major US firm that provides critical technology for telecom networks (including for government and major carriers), disclosed

The Canadian Centre for Cyber Security issued an alert warning that hacktivist groups are actively breaching critical infrastructure. Recent attacks

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation. The flaws are

CISA and the NSA have jointly released “Microsoft Exchange Server Security Best Practices,” a guide to help organizations harden on-premises

A critical unauthenticated arbitrary file upload vulnerability (CVE-2025-5678, CVSS 9.8) has been found in the FormCraft Pro WordPress plugin, installed

The Iranian state-sponsored group Charming Kitten (aka APT35, Phosphorus) has been observed deploying a previously unseen backdoor named “GhostEcho.” The

A new ransomware variant named “DataViper” has emerged, specifically scanning the internet for and targeting publicly exposed, misconfigured databases (like