2+ hour, 31+ min ago  (323+ words) The cybersecurity landscape has reached a critical turning point as artificial intelligence moves from theoretical threat to operational reality. In their H2 2025 Threat Report, ESET researchers have documented a disturbing shift in how attackers operate, revealing that AI-powered malware is no…...

3+ hour, 10+ min ago  (356+ words) The European Space Agency (ESA) has confirmed a cybersecurity breach affecting a limited number of external servers, marking a rare public admission of vulnerability in the continent's premier space organization. In an official statement released Tuesday, ESA disclosed: "ESA is…...

3+ hour, 30+ min ago  (486+ words) The subtle difference between these namespaces makes it easy for developers to accidentally include the harmful package in their projects. The malware campaign shows clear signs of careful planning and execution. Attackers created a fake domain, fasterxml.org, to mirror…...

5+ hour, 49+ min ago  (360+ words) A Chinese-linked threat group tied to the HoneyMyte, also known as Mustang Panda or Bronze President, is using a new kernel rootkit to hide its ToneShell backdoor. The campaign has hit government networks across Southeast and East Asia, with the…...

8+ hour, 44+ min ago  (223+ words) SmarterTools has issued an urgent security advisory addressing a critical vulnerability in SmarterMail that could allow attackers to execute remote code on mail servers. The flaw, tracked as CVE-2025-52691, poses a severe threat to organizations using the affected versions. The…...

9+ hour, 7+ min ago  (273+ words) CISA has added a critical MongoDB Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in cyberattacks. CVE-2025-14847 affects MongoDB Server and allows unauthenticated attackers to read uninitialized heap memory due to…...

10+ hour, 53+ min ago  (207+ words) A critical zero-day vulnerability has been discovered in XSpeeder's SXZOS firmware, affecting tens of thousands of SD-WAN appliances, edge routers, and smart TV controllers deployed globally. However, these defenses operate at the middleware and Nginx layers, leaving the vulnerable view…...

1+ day, 42+ min ago  (533+ words) Chinese threat actors operating under the name Silver Fox are targeting Indian organizations through sophisticated phishing campaigns that impersonate legitimate income tax documents. The attack campaign uses authentic-looking Income Tax Department emails to trick users into downloading a malicious executable…...

1+ day, 1+ hour ago  (363+ words) A Spanish-speaking phishing operation targeting Microsoft Outlook users has been active since March 2025, using a sophisticated kit that shows clear indicators of AI-assisted development. The campaign, tracked through a unique signature of four mushroom emojis embedded in the string "OUTL,…...

1+ day, 2+ hour ago  (538+ words) This perception leads many to believe that modern attackers operate with machine-like precision, seamlessly moving from one objective to another without facing obstacles. However, this narrative masks a much different reality that becomes clear when examining the actual evidence left…...