Security researchers uncovered 30 high-risk vulnerabilities across major AI ecosystems, exposing how malicious actors can manipulate models, poison training pipelines, and escalate attacks through AI-integrated applications. The discovery highlights urgent gaps in current AI-security frameworks.
Manufacturers face the most dangerous cyber landscape in their industry’s history. Attackers now target OT systems, supply chains and intellectual property with unprecedented sophistication, creating widespread operational and financial impact.
FvncBot is a new Android banking trojan capable of keylogging, screen streaming, overlays, and remote control — letting attackers steal credentials and hollow out bank accounts. This article breaks down how it works, why it matters, and how to defend against it.
Security teams should treat the recent spike in login traffic against GlobalProtect portals as a serious alarm. Between November 14 and 19, 2025, threat-intelligence sensors logged roughly 2.3 million sessions hitting the /global-protect/login.esp endpoint on PAN-OS and GlobalProtect gateways. That represents a nearly 40× increase in daily scan volume, hitting the highest level seen in…
India’s telecom ministry rescinded its controversial order forcing all new and existing smartphones to pre-install the government-run “Sanchar Saathi” app. The reversal follows widespread criticism over privacy risks, consent violations, and potential mass surveillance, raising fresh questions about digital rights and security oversight in a market of over a billion mobile users.
Cl0p ransomware exploited a zero-day in Oracle E-Business Suite to steal years of invoice data from Barts Health NHS Trust. The leak exposed names, addresses, and payment info of patients, staff, and suppliers, now circulating on the dark web. Learn what was compromised, who’s at risk, and how to protect yourself.
The latest Cybersecurity and Infrastructure Security Agency (CISA) advisory reveals that PRC-linked hackers use a backdoor called BRICKSTORM to gain long-term access to VMware vSphere and Windows environments, affecting government and IT networks. This article unpacks the attack chain, impacted sectors and critical defensive steps organizations should take now.
JPCERT confirms that attackers now actively exploit command injection flaws in Zyxel NAS326 and NAS542 devices. These end-of-life NAS units allow threat actors to run arbitrary commands, maintain persistence, and infiltrate internal networks, prompting urgent calls for device isolation and replacement.
The Iran-linked APT MuddyWater has resurfaced with a new, stealthy malware loader disguised as a retro Snake-style game. The loader delivers a memory-only backdoor to Israeli targets. This shift shows how APTs increasingly combine social-engineering and covert execution to bypass defenses.
A critical vulnerability known as React2Shell allows unauthenticated attackers to achieve full remote code execution on React and Next.js servers. This flaw affects default RSC implementations and requires immediate patching to prevent severe compromise across modern web infrastructures.