The bug, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of the decompression tool. It ...

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...

CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Cloud-native applications have changed how businesses build and scale software. Microservices, containers, and serverless ...

Microsoft has released Security Baseline v2512 for Microsoft 365 Apps with enhanced Excel and PowerPoint protections, blocking unsafe external links and legacy automation components.

Cisco has finally shipped a fix for a critical-rated zero-day in its Unified Communications gear, a flaw that's already being weaponized in the wild, and which CISA previously flagged as an emergency ...

Three serious prompt injection vulnerabilities in Anthropic’s Git MCP server briefly enabled remote code execution and file ...

Critical vulnerabilities in edge devices are continuing to be discovered by security researchers and rapidly targeted by attackers. Lately this includes a critical ...