A critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.

Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.

Malicious npm package pdf-to-office trojanizes Atomic Wallet, Exodus apps to steal crypto funds, persisting after deletion.

PlayPraetor expands to 16,000+ URLs with five new Android malware variants, posing global threats to financial sectors.

Gamaredon breached a Western military mission on Feb 26, 2025, using upgraded GammaSteel malware and new obfuscation tactics.

Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's ...

Kaspersky said its investigation into ToddyCat-related incidents in early 2024 unearthed a suspicious DLL file ("version.dll" ...

CVE-2025-29824 exploited via PipeMagic malware escalated SYSTEM privileges, leading to targeted ransomware attacks.

CERT-UA identifies GIFTEDCROOK malware stealing browser data via phishing Excel files in attacks targeting Ukrainian ...

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an ...

Adobe fixes 11 critical ColdFusion vulnerabilities in April 2025, urging updates to prevent file reads and code execution.

Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.