A newly identified wave of malicious software supply chain activity linked to North Korea has infiltrated the popular JavaScript package ecosystem npm, targeting developers worldwide.
The campaign, uncovered by Socket’s Threat Research Team, centers around a stealthy new malware loader dubbed XORIndex and marks a dangerous...
A critical vulnerabilities in Samsung's WEA453e WLAN Access Point in August 2020, revealing a chain of exploits that culminate in unauthenticated remote code execution with root privileges.
The vulnerabilities represent a significant security risk, allowing attackers to completely compromise affected devices without requiring valid...
Oracle has released its quarterly Critical Patch Update (CPU) for July 2025, addressing a substantial 309 security vulnerabilities across its comprehensive product portfolio.
This release represents one of the most significant security updates from Oracle, spanning database systems, middleware, enterprise applications, and cloud native...
A comprehensive investigation by cybersecurity firm CTM360 has uncovered a massive network of over 17,000 fraudulent news sites operating across 50 countries, designed to lure victims into investment scams through sophisticated deception tactics.
These "Baiting News Sites" (BNS) masquerade as legitimate media outlets, mimicking...
Microsoft has issued an urgent warning to Windows users about upcoming Secure Boot certificate expirations that could significantly impact device security and functionality.
The company released an out-of-band update on July 13, 2025, addressing immediate technical issues while highlighting a critical timeline for certificate...
Google's artificial intelligence-powered security tool Big Sleep has achieved a cybersecurity milestone by discovering and preventing the active exploitation of a critical zero-day vulnerability in SQLite, marking what the company believes is the first time an AI agent has directly thwarted real-world cyberattacks.
This...