Peter Stokes, 19, faces U.S. charges tied to at least four alleged intrusions, including a 2025 jewelry retailer hack.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Kaspersky says 90+ spoofed domains use malicious installers and SEO to deliver AsyncRAT to Windows systems through ScreenConnect.
Fortinet says the May 2026 Ousaban campaign uses PDF lures, geofencing, and steganography to target Windows banking users.
ColdFusion 2023 Update 21, 2025 Update 10, and ACC v7 build 9397 fix code execution bugs; no exploits reported.
Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
Mandiant says CVE-2026-20245 was exploited as a Cisco SD-WAN zero-day to escalate admin access to root on a provider network.
Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
Symantec and Carbon Black link Mistic backdoor attacks to KongTuke, using ClickFix lures and in-memory execution for stealthy ...
AIR says its fake AI skill passed scanner checks by using a mutable external link, exposing a blind spot in agent skill ...
This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results