Sead Fadilpašić

A researcher created a working PoC for a ransomware strain that bypasses all antivirus programs.

A researcher claims a DOGE employee was compromised four times but some security pros disagree.

Businesses are running old, outdated IoT and aren't adhering to cybersecurity standards.

Some companies have up to ten vacant positions leaving the gates for the crooks wide open.

Crooks are abusing Dynamics 365 Customer Voice to redirect victims to convincing credential harvesting pages.

Investigation into Insight Partners January 2025 breach concludes sensitive data was stolen.

Multiple research groups finds ransomware groups are abusing Kickidler to run attacks.

Another day, another hardcoded token, as Cisco moves to defend against threats.

Multiple Linksys and Cisco models are among those being targeted and assimilated into botnets.

Another case of exposed Git configuration files leading up to a larger compromise, this time against education giant Pearson.

With the API, website developers can build fully-fledged WordPress and WooCommerce sites, fast.

A zero-day in Windows Common Log File System was being used to drop encryptors and backoors.

Police in Poland, The Netherlands, Germany, and the US take down DDoS-for-hire services and arrested alleged admins.

No confirmation if it was a ransomware attack yet, but parts of Masimo infrastructure were shut down to contain the incident.

"Don't do crime, crime is bad," someone tells LockBit as they leak sensitive data.

OttoKit plugin bug allows threat actors to create new admin accounts.

Unprotected beWanted database remains open, with the company yet to respond to inquiries.

Say hello to the Wix Model Context Protocol (MCP) Server built for both designers and website owners.

Very sensitive PII was taken, including health and payment data from iHeartRadio customers.