Security News

Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites....

A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]

A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]

A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's...

Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office...

Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]

CVE-2025-22230 is described as an "authentication bypass vulnerability" by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials.

Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO "has emerged as a...

A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident...

Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media...