JanelaRAT hits Latin American banks with 14,739 attacks in Brazil in 2025, enabling credential theft and financial espionage ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Inbox remains the primary attack entry point, driving security leaders to add adaptive AI protection to strengthen cloud email defenses.

APT37 spreads RokRAT via Facebook and trojanized PDFelement accounts created Nov 10, 2025, enabling espionage and data theft.

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without ...

The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an ...

AI-driven attacks exploiting zero-days and 29-minute breakout times expose SOC investigation gaps, accelerating the shift to automated response.

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.

CPUID breach served STX RAT via trojanized CPU-Z downloads on April 9–10, impacting 150+ victims and multiple industries.

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...

Google releases DBSC in Chrome 146 for Windows, binding cookies to devices to reduce session theft and prevent unauthorized ...