A massive mobile malware campaign targets Android and iOS users in Asia, stealing personal data through fake apps.

JavaScript injection attacks surged in 2024, hitting major brands via Polyfill.io. Learn why frameworks failed.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability ...

Browser-based identity attacks surge in 2025, targeting SaaS apps and weak credentials across enterprise accounts.

In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...

Legacy email filters miss post-delivery threats in Microsoft 365 and Google Workspace, exposing data. Here's how EDR-style ...

Tridium Niagara flaws expose critical infrastructure to takeover if misconfigured, affecting security and system uptime.

Scattered Spider targets VMware ESXi in fast, stealthy ransomware attacks across U.S. retail and airline sectors.

This is why Endpoint Detection and Response (EDR) is really only one piece of the endpoint protection puzzle. It offers key ...

Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.

CastleLoader malware infected 469 devices via ClickFix, GitHub, and phishing since May 2025. Malware delivery is evolving ...

Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 ...