Cybersecurity researchers at Wiz have uncovered an active cryptomining campaign dubbed "Soco404" that exploits cloud infrastructure vulnerabilities to deploy platform-specific malware targeting both Linux and Windows systems.
The sophisticated operation uses fake 404 error pages hosted on Google Sites to conceal malicious payloads, demonstrating...
An innovative Large Language Model (LLM) honeypot deceived a threat actor into exposing their complete attack methodology, including botnet infrastructure and command-and-control channels.
The breakthrough demonstrates how artificial intelligence can be weaponized for cybersecurity defense, turning attackers' own tools against them.
The attack was...
A critical security vulnerability in the popular Post SMTP WordPress plugin has left over 400,000 websites exposed to potential account takeover attacks, allowing even the lowest-privileged users to gain administrator access and achieve full site control.
The vulnerability, tracked as CVE-2025-24000, stems from broken...
A threat actor on a dark-web forum is advertising “full-stack” access to Airpay’s production environment alongside a trove of personally identifiable information (PII) and financial data.
Although Airpay has not yet confirmed the incident publicly, screenshots posted by the attacker and a detailed sales...
Most modern browsers advertise a single-click path to privacy called Incognito or Private Browsing. In reality, that promise extends only to erasing traces on the local device while leaving users broadly visible to websites, advertisers, internet-service providers (ISPs), employers, and governments.
Misunderstanding these limits is...
A new ransomware strain called Gunra has emerged as a significant threat to Windows systems, leveraging code from the notorious Conti ransomware group to execute sophisticated attacks that encrypt files and eliminate recovery options.
First identified in April 2025, this malware exhibits enhanced capabilities...