A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...
The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began ...
Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
A new PHALT#BLYX campaign targets European hotels using fake Booking.com emails, ClickFix lures, PowerShell, and MSBuild to ...
The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Securonix is detailing a multi-stage campaign that starts with a bogus Booking.com message that runs through a ClickFix technique and a fake Blue Screen of Death before dropping the DCRat malware that ...
December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
A newly uncovered Chinese threat group known as DarkSpectre has been linked to one of the most widespread browser extension ...
Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback