As users (and detection tools) have gotten better at identifying the signs of a malware infection and savvy enough to avoid them in the first place, some cybercriminals have changed tactics.

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.

A critical security vulnerability in a Voice over Internet Protocol (VoIP) phone deployed in small and midsized businesses (SMBs), hotels, call centers, and other organizations globally has ...

Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

A Minnesota fraud scandal is a "canary in the coal mine" for how easily swindles can seep into government systems — including election administration — Republican election attorney Justin Riemer told ...

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...

Abstract: Penetration testing, a critical cybersecurity practice, is often bottlenecked by manual exploit selection and payload crafting. We propose a novel framework integrating Large Language Models ...

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, even with network restrictions enabled. A newly disclosed vulnerability in ...

Earlier this year, a developer was shocked by a message that appeared on his personal phone: “Apple detected a targeted mercenary spyware attack against your iPhone.” “I was panicking,” Jay Gibson, ...