The Patchwork group, also known by the aliases APT-C-09, APT-Q-36, Chinastrats, Dropping Elephant, Operation Hangover, Quilted Tiger, and Zinc Emerson , has launched a new spear-phishing campaign targeting the Turkish...
The U.S. Cybersecurity Agency (CISA) has issued an alert regarding two malware kits discovered on the network of an unidentified organization after exploiting new vulnerabilities in the Ivanti Endpoint Manager...
A new threat is beginning to emerge in the IT world: the world of artificial intelligence agents. ShadowLeak is a recently discovered clickless indirect prompt injection (IPI) vulnerability that occurs...
F6 analysts have published a study on a new phishing campaign active from spring 2025. The group, dubbed ComicForm, sent emails containing malicious attachments to Russian, Belarusian, and Kazakh companies...
The Artificial Intelligence Security Governance Forum was held in Kunming, Yunnan Province, southwestern China, as part of the National Cybersecurity Publicity Week 2025. The event offered an opportunity to discuss...
A security researcher recently developed a zero-click exploit for the Linux SMB3 kernel daemon (ksmbd), exploiting two specific vulnerabilities. This exploit allows remote code execution (RCE) in kernel mode without...
CrowdStrike today introduced, in collaboration with Meta, a new benchmark suite - CyberSOCEval - to evaluate the performance of artificial intelligence systems. in real security operations. Based on Meta's CyberSecEval...
A September 2025 security update has been released by Samsung to address a critical zero-day vulnerability that is currently being actively exploited. This patch includes fixes for a total of...
On September 9, 2025, two significant vulnerabilities were discovered in Microsoft Office, for which dedicated patches were created. These vulnerabilities, if exploited by attackers, could allow malicious code to be...
Sophos has announced that it has fixed a critical authentication bypass vulnerability affecting its AP6 series wireless access points. The flaw allowed a remote attacker to gain administrative privileges by...
