UNC6384 is a Chinese-linked cyber espionage group identified by Google’s Threat Intelligence Group (GTIG) in August 2025. The threat group primarily targets diplomatic entities, initially focusing on ...

If at first you don’t succeed, patch and patch again More threat intel teams are sounding the alarm about a critical Windows Server Update Services (WSUS) remote code execution vulnerability, tracked ...

A critical security flaw in Microsoft's WSUS feature is being actively exploited in the wild by threat actors who could gain access into unpatched servers, remotely control networks, and use them to ...

Explore this week’s top cyber stories: stealthy virtual machine attacks, AI side-channel leaks, spyware on Samsung phones, ...

Microsoft considers a vulnerability in LNK display unfixable. It has since been exploited against European diplomats.

Windows without PowerShell 2.0: Microsoft removes the version still included for compatibility for good. It has long been considered obsolete. PowerShell 2.0 is finally history: The version of the ...

The files exploit the Windows vulnerability before executing obfuscated PowerShell commands that deploy a malware chain. This ultimately results in the deployment of PlugX remote access Trojan (RAT).

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud ...

Ransomware gangs are exploiting AdaptixC2, an open-source command-and-control framework originally built for red team testing, to support stealthy post-exploitation operations.

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...