Cyber Security

A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. The technique was developed by researchers at …

Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since …

Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept …

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based …

The Cybersecurity Perception Gap: Why Executives and Practitioners See Risk Differently Does your organization suffer from a cybersecurity perception gap? Findings from the Bitdefender 2025 Cybersecurity Assessment suggest the answer …

3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, …

A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). …

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open …