Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems

Cybersecurity researchers have discovered a malicious Rust package that’s capable of targeting Windows, macOS, and Linux systems, and features malicious functionality to stealthily execute on developer machines by masquerading... Read more »

Maximum-severity XXE vulnerability discovered in Apache Tika

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it... Read more »

CrowdStrike Identifies New China-Nexus Espionage Actor

CrowdStrike’s investigation shows that WARP PANDA initially infiltrated some victim networks as early as late 2023, later expanding operations. The post CrowdStrike Identifies New China-Nexus Espionage Actor appeared first... Read more »

Google Rolls Out Chrome 143 Update for Billions Worldwide

Google fixes 13 security vulnerabilities in a December desktop update rolling out to Windows, macOS, and Linux users. The post Google Rolls Out Chrome 143 Update for Billions Worldwide... Read more »

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to... Read more »

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series... Read more »

Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the driving seat Read more »

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details... Read more »

Cloudflare fixes second outage in a month

A change to web application firewall policies at Cloudflare caused problems across the internet less than three weeks after another major outage at the service, but no cyber attack... Read more »

Check Point introduces Quantum Firewall R82.10 with new AI and zero trust security capabilities

Check Point announced its new Check Point Quantum Firewall Software, R82.10, introducing 20 new capabilities designed to help enterprises safely adopt AI, protect distributed environments, and simplify zero trust... Read more »
Subscribe to our Newsletter