Romania's oil pipeline operator Conpet confirms data stolen in attack

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

287 Chrome Extensions Exfiltrate Browsing History From 37.4 Million Users

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

GitLab Patches Multiple Vulnerabilities That Enables DoS and Cross-site Scripting Attacks

Coinbase Cartel Targets High-Value Sectors with Data-Theft-First Extortion Strategy

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Chinese cyberspies breach Singapore's four largest telcos

DPRK IT Workers Impersonating Individuals Using Real LinkedIn Accounts to Apply for Remote Roles

GuLoader Uses Polymorphic Code and Trusted Cloud Hosting to Evade Reputation-Based Defenses

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

Microsoft: Exchange Online flags legitimate emails as phishing

New Node.js Based LTX Stealer Attackers Users to Exfiltrate Login Credentials

Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users to Remote Attacks

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

BeyondTrust warns of critical RCE flaw in remote support software

CISA orders federal agencies to replace end-of-life edge devices