Developers Beware - Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens

A new wave of sophisticated phishing attacks is targeting software developers by exploiting GitHub’s OAuth 2.0 Device Code Flow. These attacks enable threat actors to hijack developer tokens and more.

Nytheon AI Tool Gaining Traction on Hacking Forums for Malicious Activities

Nytheon AI, a new uncensored large language model (LLM) platform, is rapidly gaining popularity on hacking forums due to its ability to generate malicious content without safety restrictions.

CISA Issues Comprehensive Guide to Safeguard Network Edge Devices from Cyber Threats

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with international partners from the Five Eyes alliance, has released a comprehensive set of guidelines aimed at enhancing the security of network edge devices.

Attackers Unleash TeamFiltration: Account Takeover Campaign (UNK_SneakyStrike) Leverages Popular Pentesting Tool

A new account takeover campaign, tracked as UNK_SneakyStrike, is actively exploiting the legitimate penetration testing tool TeamFiltration to compromise Microsoft Entra ID accounts.

Malware found in NPM packages with 1 million weekly downloads

A major supply chain attack has compromised 16 popular Gluestack 'react-native-aria' packages on NPM, affecting nearly 960,000 weekly downloads. The attack involves the injection of obfuscated remote access trojan (RAT) code.

Critical Fortinet flaws now exploited in Qilin ransomware attacks

Qilin RaaS is now exploiting two critical Fortinet vulnerabilities—CVE-2024-21762 and CVE-2024-55591—to bypass authentication and deploy ransomware. These impacted high-profile organizations and are currently targeting Spanish-speaking countries.

Be Careful With Fake Zoom Client Downloads

A new phishing campaign is targeting remote workers by impersonating Zoom update notifications. The campaign exploits users' urgency to stay updated with the latest software versions, a common requirement for remote collaboration tools.

Thousands of Internet-Exposed Solar Power Devices Pose Critical Infrastructure Risk

These devices, manufactured by 42 different vendors, include essential components for solar energy operations and are often exposed due to poor asset visibility and management.

What 17,845 GitHub Repos Taught Us About Malicious MCP Servers

A recent audit of nearly 18,000 Model Context Protocol (MCP) servers on GitHub revealed that 1,408 repositories may have been intentionally designed for malicious purposes.

35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks

Forescout Research Vedere Labs has identified nearly 35,000 internet-exposed solar power systems—including inverters, data loggers, and gateways—from 42 vendors using the Shodan search engine.
