Ukrainian military intelligence operatives reportedly executed a sophisticated cyber operation against Gaskar Integration, one of Russia’s principal suppliers of unmanned aerial vehicles (UAVs), incapacitating its network and exfiltrating vast troves of technical data.
According to a source within Ukraine’s Main Intelligence Directorate (GUR), the...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited by attackers in the wild.
The vulnerability, tracked as CVE-2025-53770, allows unauthorized remote code execution through deserialization of...
A critical vulnerability in the popular 7-Zip file archiver has been discovered and patched, allowing malicious actors to craft weaponized RAR5 files that can crash systems and potentially corrupt memory.
The security vulnerability, designated CVE-2025-53816, affects 7-Zip versions prior to 25.00 and demonstrates how...
A sophisticated new attack technique that exploits FIDO key authentication systems by tricking users into scanning malicious QR codes with their multi-factor authentication (MFA) apps.
The attack, attributed to the PoisonSeed threat group known for cryptocurrency theft campaigns, represents a significant evolution in phishing...
A critical zero-day vulnerability in Microsoft SharePoint servers, designated CVE-2025-53770, that allows attackers to achieve remote code execution without authentication.
The security firm discovered the threat during routine monitoring on July 18, 2025, when their CrowdStrike Falcon EDR deployment flagged suspicious activity on a...
A critical zero-day vulnerability in CrushFTP servers has been actively exploited by attackers since July 18th, 2025, with security researchers confirming widespread attacks targeting unpatched installations.
The vulnerability, designated CVE-2025-54309, affects all CrushFTP version 10 installations below 10.8.5 and version 11 installations below 11.3.4_23,...