Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.
Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in…
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system. Here are the top three Microsoft Office-based exploits still making the rounds this…
These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.
Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January.
Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems.
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard