Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Microsoft Office is victim to a critical zero-day exploit, and Russian hacker groups are already weaponizing it in destabilizing efforts toward the Ukrainian government. While Westerners and most ...

Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already exploiting Microsoft's latest Office zero-day, with Ukraine's national cyber defense ...

In my previous post, I walked through how disconnected MCP servers and AI agents create a growing blind spot in enterprise ...

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

After completing a degree in Film, Television, and Cultural Studies at Manchester Metropolitan University, I decided to pursue my love of writing and video games by entering the world of video game ...

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is ...

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server.

Cybersecurity investigators have identified a new cyberattack campaign connected to the Russia-linked hacking group APT28, ...

Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows' own security architecture. Image generated by Google Gemini A sophisticated ...

Meanwhile, CVE-2025-8088 can be abused to create booby-trapped archive files that can load malicious computer code into a hacker-selected path on a Windows PC. Antivirus vendor ESET originally ...