A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
A threat actor has been targeting organizations across multiple sectors with voice-based fake security requests that ask ...
EvilTokens uses AES-GCM encrypted HTML and Microsoft Device Code Phishing to hide Microsoft 365 account takeover pages until ...
With phishing and AI-driven identity attacks rising, Windows Hello PIN security depends on TPM-backed keys, enterprise ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
The ransomware’s use of trusted administrative tools and recovery-disruption tactics shows why containment, not just endpoint ...
Accenture confirmed a breach after a hacker claimed 35GB of source code and cloud keys were stolen, raising questions for ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...