A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...

Using sophisticated techniques, the APT28 hacking group turned vulnerabilities in the Microsoft Office platform into weapons for cyberattacks on numerous organizations and countries.

Learn how to enable and secure basic authentication for enterprise systems. Guide covers tls encryption, credential hygiene, and sso migration for ctos.

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Autonomous AI agents are creating a new identity blind spot as they operate outside traditional IAM controls. Token Security ...

Discover the best AI content detectors in 2026. Compare Winston AI, GPTZero, Originality.AI, and more for accuracy, trust, ...

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain ...

Moltbot, the viral AI agent, offers immense power but is riddled with critical vulnerabilities, including remote code execution (RCE), exposed control interfaces, and malicious extensions. Read on to ...

Rachel Williams has been an editor for nearly two decades. She has spent the last five years working on small business content to help entrepreneurs start and grow their businesses. She’s well-versed ...