Sead Fadilpašić

Microsoft publishes an out-of-band patch after PoC for an RCE flaw emerges.

The critical severity bug is being actively exploited in the wild, possibly by ransomware actors, CISA says.

Lazarus is after drone know-how and has infiltrated three firms.

Toys "R" Us is urging customers to be wary of incoming phishing attacks.

An update made the trust between Windows and Entra ID "disappear" but HP is working on it.

Gift cards are ideal for hackers since they can easily be redeemed or sold without sharing personally identifiable data.

Generative AI is being used to create flawless phishing lures - and it's increasing the popularity of the technique.

Hackers are still trying to infect victims via Word macros, despite the technique dying years ago.

Adobe patches a deserialization vulnerability in Magento and Commerce.

TP-Link patches four important bugs, including two critical severity ones.

An “HTTP request smuggling bug” was found in ASP.NET Core that could allow different security bypasses.

ClickFix has made its way to TikTok - so be careful whose advice you're taking.

A WatchGuard VPN patch is already available - so make sure you apply it as soon as possible.

Seven people were arrested and four luxury cars confiscated in Europol operation.

Shadowserver Foundation tracks how many F5 instances are exposed online and could be targeted by nation-state attackers.

The Chinese were apparently spying on Russians for almost half a year.

State-sponsored actors are using Ethereum and BNB to host malware and steal people's money.

More than 14,000 websites were seen distributing malware with the help of blockchain technology.

The ransomware entered 'phase 3' in February 2025 becoming a full-blown malicious business platform.

An Indian marketing company kept an open database filled with sensitive information.