Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote ...
AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for ...
This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...
Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib ...
The US Justice Department seized a domain used to steal bank logins, causing $14.6 million in losses from 19 US victims.
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.
Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback