Please turn on your JavaScript for this page to function normally.
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)

A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The …

Operation Secure
Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains

More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown led by INTERPOL. Called …

social engineering
TikTok videos + ClickFix tactic = Malware infection

Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. …

Patch Tuesday
Patch Tuesday: Microsoft fixes 5 actively exploited zero-days

On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not …

Trend Micro helps organizations secure AI-driven workloads

Trend Micro announced new AI-powered threat detection capabilities designed specifically for enterprises embracing AI at scale. This effort brings together Trend’s …

Patch Tuesday
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)

April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. …

Microsoft
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for …

Apple Xcode
The XCSSET info-stealing malware is back, targeting macOS users and devs

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in …

Patch Tuesday
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under …

7-zip
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver …

Patch Tuesday
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) …

Patch Tuesday
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools