The Federal Bureau of Investigation (FBI) has issued fresh warnings about malicious activities by North Korean IT workers targeting U.S.-based…
Microsoft issued a critical patch to address CVE-2025-21298, a zero-click Remote Code Execution (RCE) vulnerability in Windows Object Linking and…
A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper…
The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing by web servers. This technique allows…
Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side. Cybercriminals…
The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly sophisticated phishing campaigns.…
CYFIRMA's Research and Advisory team has identified a new strain of ransomware labeled "Nnice," following the continuous monitoring of underground…
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational…
Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365…
A critical vulnerability in SonicWall's SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall's PSIRT (Product…