We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain ...

For nearly 30 years, security experts have warned organizations to ditch the weak NTLM authentication protocol in Windows.

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

A recent supply-chain-style intrusion has put a spotlight on a familiar truth in cybersecurity: attackers don’t always need to hack ...

Security researchers have discovered a new ransomware-as-a-service (RaaS) group which has already victimized organizations in ...

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...

A government shutdown is often framed as a budget and operations crisis—but it is also a cybersecurity risk multiplier. When ...

IoT penetration testing is a security assessment of the complete IoT ecosystem, from backend systems and cloud services to mobile devices and hardware. It involves a multi-stage simulated attack on ...