Multiple severe security vulnerabilities were reported affecting QNAP's Qsync Central, a widely used file synchronization service for QNAP NAS devices.
Two major issues—CVE-2025-22482 and CVE-2025-29892—pose significant risks, potentially allowing remote attackers who gain access to user accounts to escalate privileges, steal sensitive information, or...
Cybersecurity researchers at FortiGuard Labs have identified an active, high-severity phishing campaign targeting users of older Microsoft Office versions.
The attackers’ primary vehicle: malicious Excel attachments sent via email, specifically designed to exploit the long-known vulnerability CVE-2017-0199.
This campaign aims to deliver FormBook, an advanced...
A sweeping, coordinated attack has struck the heart of the React Native ecosystem, threatening thousands of developers and organizations globally.
Beginning on the evening of June 6, 2025, malicious actors successfully breached at least 16 widely-used npm packages with millions of weekly downloads.
Among...
A wave of dangerously deceptive npm packages has surfaced, targeting the heart of modern Node.js web applications and leaving production systems vulnerable to complete destruction.
Security researchers warn that these packages disguised as legitimate database sync utilities and system health monitors—are actually malicious middlewares,...
Microsoft has launched an ambitious European Security Program that aims to disrupt the infrastructure of cybercriminals and nation-state actors that threaten the continent’s digital landscape.
The initiative, announced in Berlin by Microsoft’s President Brad Smith, responds to a rise in sophisticated attacks from actors...
The United States government has taken a significant step in the global fight against cybercrime by offering a $10 million reward for information leading to the identification or location of Maxim Alexandrovich Rudometov, alleged creator of the infamous RedLine malware.
Born in 1999 in...