Description  In September 2025, the Python Software Foundation (PSF) canceled all PyPI tokens stolen in the GhostAction attack. These tokens, which le . . . Read more

Description A large phishing operation known as RaccoonO365 has been taken down through a joint effort by Microsoft, Cloudflare, and law enforcement. . . . Read more

Description  The cybercrime group Silver Fox (aka SwimSnake, UTG-Q-1000, Void Arachne) has been linked to a Bring Your Own Vulnerable Driver (BYOVD) c . . . Read more

Description  A newly disclosed vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), tracked as CVE-2025-52970, allows remote attackers . . . Read more

Description  There has been a surge in Akira ransomware attacks targeting SonicWall firewall devices with SSL VPN enabled, initially suspected to be e . . . Read more

Description  Security researchers have disclosed a critical Secure Boot bypass vulnerability, tracked as CVE-2025-3052, that allows attackers to disab . . . Read more

Description  The Anubis ransomware-as-a-service (RaaS) operation, first identified in December 2024, has evolved into a more destructive threat by inc . . . Read more

Description  The FIN6 threat group, also known as “Skeleton Spider,” has launched a sophisticated social engineering campaign targeting human resource . . . Read more

Description  A newly identified Go-based Linux malware, dubbed PumaBot, is targeting Internet of Things (IoT) devices through SSH brute force attacks . . . Read more

Description  A sophisticated malware campaign is targeting WordPress websites using a malicious plugin masquerading as a security tool. Discovered by . . . Read more

Description  A high-severity authentication bypass vulnerability (CVE-2025-3102) in the OttoKit WordPress plugin (formerly known as SureTriggers) has . . . Read more

Description  A new malware campaign has been uncovered exploiting the SourceForge platform to distribute fake Microsoft Office add-in tools. These mal . . . Read more