News Articles

Security researchers have identified a sophisticated supply chain attack that infiltrated several widely used npm packages. The breach was facilitated by a targeted phishing operation that successfully stole authentication tokens from package maintainers, granting...

Google has uncovered that the Chinese state-sponsored hacking group APT41 has been using a custom malware strain, dubbed TOUGHPROGRESS, to exploit Google Calendar as a command-and-control (C2) channel. This tactic enables the attackers to blend in with legitimate...

Samsung has issued urgent updates to fix a critical security vulnerability in its MagicINFO 9 Server software that has been actively exploited in real-world attacks. Tracked as CVE-2025-4632 and rated 9.8 on the CVSS scale, the flaw is a path traversal vulnerability...

Microsoft recently uncovered a sophisticated malvertising scheme that infected nearly 1 million Windows computers with data-stealing malware, including Lumma and other infostealers. The attack, which affected both individual users and businesses across various...