Exploiting .lnk files is a strategy that has been used for years and still works, says new report from Forcepoint.

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

So many CVEs, so little time Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege ...

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

Using sophisticated techniques, the APT28 hacking group turned vulnerabilities in the Microsoft Office platform into weapons for cyberattacks on numerous organizations and countries.

Mustang Panda gave CoolClient new bells and whistles, including clipboard monitoring.

The 'future-proof' SSD is a myth—why you should buy older drives instead ...

usage: $ ddl-manager [command] [options] command: build migrate functions and triggers from files into database watch build and watching folder for changes dump write functions and triggers from ...

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.

Adobe Illustrator can sometimes develop errors for some people. One common error is when DLL files required by Illustrator to run go missing. In such cases, you see ...

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.