SonicWall has released urgent fixes for a Secure Mobile Access (SMA) 100 series vulnerability actively exploited in the wild: CVE-2025-40602 (CVSS 6.6). What’s the issue A local privilege escalation …

Kaspersky has linked the Operation ForumTroll threat actor to a new phishing wave aimed at Russian academics, shifting from earlier organization-focused attacks to highly targeted individuals in …

A stealthy campaign dubbed GhostPoster embedded malicious JavaScript inside logo image files used by 17 Mozilla Firefox extensions, enabling ad fraud, affiliate hijacking, tracking injection, and …

A China-aligned threat group tracked as Ink Dragon (also known as Jewelbug, CL-STA-0049, Earth Alux, and REF7707) is intensifying campaigns against government organizations in Europe while continuing …

A GRU-linked threat group, APT28, is running a sustained credential-harvesting campaign against users of Ukraine’s UKR.net, according to Recorded Future’s Insikt Group. The activity, tracked from …

AI-assisted coding has supercharged software delivery, but it has also expanded the data exposure surface faster than privacy and security teams can keep up. Traditional, production-first tools are …

A long-lived rogue NuGet package has been caught impersonating the .NET tracing library Tracer.Fody and its maintainer to deploy a cryptocurrency wallet stealer targeting Stratis wallets. Key …

A critical React2Shell vulnerability (CVE-2025-55182, CVSS 10.0) is being actively weaponized to deploy advanced Linux backdoors, notably KSwapDoor and ZnDoor, according to Palo Alto Networks Unit …

Google will retire its Dark Web report feature in February 2026, winding down less than two years after launch. The company says it’s shifting focus to tools that provide clearer, more actionable …

Attackers are actively exploiting two newly disclosed SAML SSO authentication bypass flaws in Fortinet gear, putting unpatched FortiGate and related products at immediate risk. What’s happening On …