An unauthenticated attacker can exploit the flaw to execute arbitrary code. The vulnerability is an out-of-bounds write issue that affects Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.11.3, and 2025.1.

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset.

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site.

ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification.

A new malvertising campaign is taking advantage of the popularity of Perplexity’s recently released Comet browser, tricking users into downloading a malicious installer instead of the legitimate product.

A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey.

Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware.

FortiGuard Labs has uncovered a sophisticated cross-regional campaign that has gradually expanded from China to Taiwan, Japan, and most recently Malaysia, revealing a methodical evolution in both targeting and technical capability.

A Massachusetts student has been sentenced to four years in prison for hacking and extorting approximately $3 million from two companies. The cyberattack led to the exposure of sensitive data belonging to nearly 70 million individuals

The automotive sector is facing an unprecedented wave of cyberattacks that threaten business continuity, disrupt global supply chains, and expose critical vulnerabilities in connected vehicle systems.