Security News

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited...

Microsoft has issued a security bulletin for a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day in attacks. [...]

A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political...

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach...

The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale...

Showbiz members' passport scans already plastered online A London talent agency has reported itself to the UK's data protection watchdog after the Rhysida ransomware crew last week claimed it had...

If you want to avoid urgent patches, stop exposing management consoles to the public internet A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two...

OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]