DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft
Aug 20, 2025Ravie LakshmananVulnerability / Browser Security Popular password manager plugins for…
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Aug 19, 2025Ravie LakshmananLinux / Malware Threat actors are exploiting a nearly…
Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures
Aug 18, 2025Ravie LakshmananMalware / Enterprise Security The threat actors behind the…
Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
Aug 18, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have lifted the…
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware
Aug 16, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as EncryptHub…
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
Aug 14, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure…
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
Aug 13, 2025Ravie LakshmananMalvertising / Cryptocurrency Cybersecurity researchers have discovered a new…
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults…
What Attackers Are Doing With Them
When an organization's credentials are leaked, the immediate consequences are rarely visible—but…