A highly active cybercriminal group known as "Water Curse" has been found distributing multistage malware through at least 76 weaponized GitHub repositories, posing a severe threat to cybersecurity professionals, game developers, and software engineering teams.
This campaign is notable for its blend of stealth,...
A prominent cybercriminal known as "xperttechy" has surfaced on a well-known dark web forum, promoting a new iteration of Android malware named EagleSpy v5.
Marketed as a "lifetime activated" remote access Trojan (RAT), EagleSpy v5 targets a wide range of Android devices, boasting advanced...
Zimbra has released critical security patches addressing a severe stored cross-site scripting vulnerability in its Classic Web Client that could allow attackers to execute malicious JavaScript code on user systems.
he company has issued fixes across multiple supported versions, including patches for both the...
In a striking revelation, cybersecurity analysts have uncovered a fraudulent scheme involving the widely downloaded “RapiPlata” app, which poses as a legitimate loan provider but secretly compromises users’ financial and personal security.
Between October 2024 and March 2025, the app was available on both...
A critical directory traversal vulnerability has been discovered in Performave Convoy's LocaleController component, enabling unauthenticated remote attackers to execute arbitrary code on affected servers.
The security vulnerability, tracked as GHSA-43g3-qpwq-hfgg and disclosed by researcher ericwang401 five days ago, impacts all Convoy installations running versions...
Google Cloud announced the transfer of its groundbreaking Agent2Agent (A2A) protocol to the Linux Foundation at Open Source Summit North America, establishing a new collaborative project aimed at fostering interoperable AI agent ecosystems.
The donation creates an independent, vendor-neutral entity supported by major technology...