CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Nov 30, 2025Ravie LakshmananHacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security…
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
Nov 28, 2025Ravie LakshmananSupply Chain Attack / Malware The North Korean threat…
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code…
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
Nov 28, 2025Ravie LakshmananEmail Security / Enterprise Security Cybersecurity researchers have shed…
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
Nov 27, 2025Ravie LakshmananMalware / Social Engineering The threat actor known as…
Gainsight Expands Impacted Customer List Following Salesforce Security Alert
Nov 27, 2025Ravie LakshmananRansomware / Cloud Security Gainsight has disclosed that the…
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT…
Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over…
JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers
Cybersecurity researchers are calling attention to a new campaign that's leveraging a…