Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

State hackers from four nations exploited Google's Gemini AI for cyberattacks, automating tasks from phishing to malware development..

More than 25 million individuals are now tied to the Conduent Business Services breach as investigations continue to expand its scope. In Canada, approximately 750,000 investors were affected in the ...

In the threat-intel group's most recent AI Threat Tracker report, released on Thursday and shared with The Register in advance, Google attributes this activity to APT31, a Beijing-backed crew also ...

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk (WHD) instances to get an initial foothold and then ...

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries. The ...

New Mexico AG alleges Meta enabled child exploitation on platforms Meta claims First Amendment, Section 230 shield it from liability Meta faces scrutiny over child safety, mental health impacts Jan 30 ...

Abstract: An increasing number of web application services raises significant security concerns. Online access to these applications exposes them to multiple cyberattacks. The Open Web Application ...

The company raised its Series A round within four months of founding – one of the fastest funding trajectories in the offensive security sector, driven by rapid customer traction, an elite team ...

Buterin defines “corposlop” as corporate systems blending sleek branding with unethical profit maximization. Bitcoin maximalists recognized corporate threats early but relied on government ...

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...