An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following….

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS….

# Common OAuth Vulnerabilities 30 Jan 2025 – Posted by Jose Catalan, Szymon Drosdzol OAuth2’s popularity makes it a prime target for attackers. While it simplifies user login, its complexity….

There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. They exploit people who are using search engines to search sites like Reddit. Unsuspecting victims clicking on….

The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try….

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have….

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria….

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. “When an….

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of….

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.