A phishing vulnerability in vLex’s Vincent.ai exposed lawyers and law firms to AI-driven cyberattacks. Attackers manipulated the legal research tool to embed malicious links into AI-generated responses, creating a new avenue for targeted phishing in the legal sector.
A new Android SMS stealer campaign is spreading across Uzbekistan, using deceptive apps to capture messages and authentication codes. The attack highlights fast-evolving mobile threats and the need for stronger device security.
Russia is attempting to weaponize Starlink by acquiring terminals through illicit channels and using them for battlefield communications. This in-depth report examines how Russian units exploit the system, how SpaceX responds, and why satellite networks are becoming critical wartime assets.
Critical FreePBX authentication bypass flaw enables unauthorized access and remote code execution on affected PBX systems when misconfigured — patch immediately.
A massive misconfigured database exposed billions of LinkedIn-related records, enabling attackers to refine phishing, impersonation, and identity-based attacks. This investigative report examines how the leak happened and why its long-tail impact will persist for years.
North Korean–linked attackers exploited a critical React2Shell vulnerability (CVE-2025-55182) to deploy a new smart-contract based RAT named EtherRAT. The malware uses Ethereum smart-contracts for C2 resolution, hides payloads through obfuscation, and employs multiple persistence mechanisms — a serious threat to Web3 and developer environments.
Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.
A critical Ivanti Endpoint Manager code execution flaw, tracked as CVE-2025-10573, allows unauthenticated attackers to plant malicious JavaScript in the EPM dashboard and hijack admin sessions. This article explains how the bug works, which versions are affected, and how to patch and harden EPM cores.
A newly observed Mirai variant, “Broadside,” is exploiting weakly protected IoT systems across global maritime logistics environments. Its rapid spread and operational impact highlight growing risks as critical shipping infrastructure becomes increasingly automated and interconnected.
LockBit 5.0’s infrastructure was exposed through leaked servers and misconfigured systems, giving investigators rare insight into its ransomware operations. This analysis breaks down what was uncovered and how defenders can respond.