Infosecurity Magazine

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025 ...

Hacking the grid: How digital sabotage turns infrastructure into a weapon

The US used a cyberattack to turn off power in Caracas during the raid to seize Maduro. The US grid is also vulnerable to ...

Chainlit AI framework bugs let hackers breach cloud environments

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...
The Hacker News

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

North Korean PurpleBravo hackers targeted 3,136 IPs and 20 companies using fake interviews, malicious VS Code projects, and ...
Microsoft

Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint

Microsoft Defender Researchers uncovered a multi‑stage AiTM phishing and business email compromise (BEC) campaign targeting ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
CSO Online

Misconfigured demo environments are turning into cloud backdoors to the enterprise

Beyond this, Yaffe advised enterprises to “inventory everything” to establish a complete, up-to-date picture of all cloud ...
WinBuzzer

Hackers Breach Fortune 500 Companies Exploiting Security Testing Apps

Cybersecurity researchers from Pentera have discovered 1,926 vulnerable security training applications exposed online, with ...