A critical Remote Code Execution (RCE) vulnerability has been discovered in the NestJS development tools package, allowing malicious websites to execute arbitrary commands on developers' local machines.
The vulnerability, tracked as CVE-2025-54782, affects the @nestjs/devtools-integration package and has been assigned a critical CVSS score....
Palo Alto Networks' Unit 42 threat intelligence team has unveiled a comprehensive new methodology for attributing cyber attacks to specific threat actors, addressing long-standing challenges in the cybersecurity industry where attribution has been "more art than science."
The Unit 42 Attribution Framework establishes a systematic...
Cybersecurity researchers at WithSecure have identified a sophisticated campaign targeting organizations across Europe, with threat actors leveraging legitimate Remote Monitoring and Management (RMM) tools to bypass traditional security defenses.
Since November 2024, the security firm has tracked a notable increase in targeted activities primarily...
Singapore's recent disclosure of an ongoing cyberattack by the sophisticated threat group UNC3886 reveals the city-state's nuanced approach to managing state-sponsored cyber threats while maintaining diplomatic equilibrium.
The revelation, announced by Coordinating Minister for National Security K. Shanmugam on July 18, demonstrates Singapore's preference...
The Knownsec 404 Advanced Threat Intelligence Team has uncovered a sophisticated malware campaign where cybercriminals are impersonating popular online tools, particularly Google Translate, to distribute the dangerous Silver Fox Trojan.
This attack method, which can be traced back to 2024, uses deceptive Flash update...
A new ransomware group called Anubis has emerged as a significant threat in the cybersecurity landscape, targeting both Android and Windows systems with sophisticated attack methods.
First identified in November 2024, this dual-platform malware represents a growing trend in the ransomware ecosystem, which saw...