High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib ...
Trust Wallet says a security incident in its Chrome extension v2.68 caused about $7M in crypto losses and urges users to ...
China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), ...
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.
Stolen LastPass vaults from the 2022 breach enabled about $35M in crypto thefts through 2025, according to TRM Labs.
Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication ...
CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...
A new MacSync macOS stealer spreads via a signed, notarized fake installer, bypassing Apple Gatekeeper before Apple revoked ...
ESET reports a 62% rise in the Nomani investment scam, using AI deepfakes on social media, while detections fell 37% in late 2025.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback