Collaborate Disseminate
The new EU-funded GCVE project is breaking dependence on US databases to track software flaws. Discover how this decentralised system aims to ensure global cybersecurity. Continue reading EU Launches GCVE to Track Vulnerabilities Without Relying on US
Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security. Continue reading Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites
Resecurity has identified PDFSIDER malware that exploits the legitimate PDF24 App to covertly steal data and allow remote access. Learn how this APT-level campaign targets corporate networks through spear-phishing and encrypted communications. Continue reading Hackers Exploiting PDF24 App to Deploy Stealthy PDFSIDER Backdoor
Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets. Continue reading Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware
The activist website called “ICE List” was offline after a massive DDoS attack. The crash followed a leak of 4,500 federal agent names linked to the Renee Nicole Good shooting. Continue reading ICE Agent Doxxing Platform was Crippled After Coordinated DDoS Attack
A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis. Continue reading How 2 Missing Characters Nearly Compromised AWS
Dutch police arrest the alleged AVCheck operator at Schiphol as part of Operation Endgame, a global effort targeting malware services and cybercrime. Continue reading Operation Endgame: Dutch Police Arrest Alleged AVCheck Operator
ANY.RUN report reveals how the new CastleLoader malware targets US government agencies using stealthy ClickFix tricks and memory-based attacks to bypass security. Continue reading New CastleLoader Variant Linked to 469 Infections Across Critical Sectors
Over 387,000 users downloaded vulnerable Apache Struts versions this week. Exclusive Sonatype research reveals a high-risk flaw found by AI. Is your system at risk? Continue reading Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden. Continue reading New China Linked VoidLink Linux Malware Targets Major Cloud Providers