Cyber Security

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed …

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach …

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was released by …

Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. Samsung MagicINFO Server is a centralized content management …

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that …

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, …

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its …

The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. According …