Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.

“It’s mine! I saw it first!” That’s what you might expect to hear from a child who’s found money or a toy, and it’s how cybercriminals respond to finding zero-day vulnerabilities, or holes in networks ...

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...

This repository contains a proof-of-concept (PoC) exploit for CVE-2024-4577, a critical vulnerability affecting all versions of PHP running on Windows. The vulnerability allows attackers to execute ...