Microsoft disclosed a record 1,360 vulnerabilities in 2024 + Critical bugs dropped to 78 + Risks shift toward EoP, cloud, and ...

Golden Chickens launch TerraStealerV2 and TerraLogger; both still developing but actively steal data via OCX payloads.

Malicious Go and PyPI packages use Gmail and wget to exfiltrate data, wipe Linux disks, and hijack crypto credentials.

Iranian threat actor Lemon Sandstorm accessed Middle East CNI from 2023–2025 using VPN flaws, web shells, and 8 custom tools.

Leonidas Varagiannis (aka War), 21, and Prasan Nepal (aka Trippy), 20, the two alleged leaders of a child extortion group 764 ...

"TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency ...

From the credentials page, select New credential, scroll down to the relevant credential and complete the required fields.

Stealth malware MintsLoader delivers GhostWeaver RAT + Evades sandboxes using DGA + Powers data theft via encrypted C2 ...

"Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. "New users ...

Prompt injection flaws in Anthropic’s MCP and Google’s A2A protocols enable covert data exfiltration and AI manipulation.

SonicWall confirms wild exploitation of CVE-2023-44221 and CVE-2024-38475 in SMA100 devices, risking file access and session ...

Backdoor plugin hijacks WordPress sites with admin access, stealth reinfection, and JS ad fraud—active since Jan 2025.