CVE was built to track code flaws with fixes. It’s now being stretched to cover malware and supply chain incidents that don’t fit. Agent infrastructure and AI assets are where that drift becomes ...

The growing reliance on technology has generated substantial opportunity for cybercriminals to exploit vulnerabilities in devices, networks, and software systems. As an increasing number of ...

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks. Microsoft Teams impersonation and social ...

With the rapid development of new energy vehicles and Internet of Things technology, new energy vehicle users have an increasing demand for electric vehicle supply equipment (EVSE). However, a large ...

I'd like to thank my coauthors Adrian Schipor, Victor Vrabie, Marius Baciu, and Martin Zugec for their invaluable contributions to this research. This research provides a direct look at the new ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...

In the world of cybersecurity, understanding the deepest layers of the operating system isn't just academic—it's essential. For those of us defending, analyzing, or testing Linux environments, the ...

Mission: Impossible – The Final Reckoning is now in theaters, and many of the publicly available peer-to-peer sharing websites are already offering the movie as a download. Public interest in such a ...

These certs offer hands-on training and up-to-date curricula, equipping offensive security professionals with their choice of specialized or broad skill credentialing. Red team careers are in high ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...