Cybersecurity researchers at GreyNoise have uncovered a previously untracked scraper botnet variant that has compromised over 3,600 devices worldwide, with attacks primarily targeting systems in the United States and the United Kingdom.
The botnet, first observed on April 19, 2025, employs sophisticated evasion techniques...
Microsoft has disclosed a critical vulnerability in Windows BitLocker that allows attackers with physical access to bypass the encryption feature designed to protect sensitive data.
The security flaw, designated as CVE-2025-48818, was publicly announced on July 8, 2025, and affects multiple versions of Windows...
A security researcher has disclosed a significant Local File Inclusion (LFI) vulnerability in Microsoft Graph APIs that allowed attackers to extract sensitive server-side files through the platform's document conversion feature.
The flaw, which Microsoft has since patched, earned the researcher a $3,000 bounty through...
Google has unveiled significant security enhancements for Chrome on Android through its Advanced Protection Program, specifically targeting journalists, elected officials, and other public figures who face sophisticated cyber threats.
The new device-level security setting represents a comprehensive approach to mobile browser protection, integrating three...
On July 8, 2025, Microsoft and CVE.org disclosed a critical security flaw, CVE-2025-47981, affecting the SPNEGO Extended Negotiation (NEGOEX) security mechanism—a core component in Microsoft Windows authentication protocols.
Rated an alarming 9.8 on the CVSS severity scale, this vulnerability enables attackers to execute arbitrary code remotely,...
A newly discovered Trojan malware, SparkKitty, is raising alarms across the cybersecurity community after infiltrating official app stores and untrusted websites to compromise both iOS and Android devices.
Active since early 2024, SparkKitty indiscriminately steals users’ gallery photos, posing a massive threat to personal privacy,...