A New Chinese APT Takes the Stage
Active since at least 2022, UAT-7290 demonstrates a significant capacity for conducting deep-seated espionage while simultaneously functioning as an initial access group.
All topics
Articles
67 Posts
React2Shell Attacks Continue to Build
After a peak of more than 430,000 attack sessions in late December, daily volumes targeting React2Shell have stabilized in the 300,000 to 400,000 range.
IBM Warns of Critical Auth Bypass Bug in API Connect
IBM published updates for the affected versions of API Connect on Jan. 2., and urged organizations to update affected versions as soon as possible.
Serious MongoDB Flaw CVE-2025-14847 Under Exploitation
MongoDB disclosed the vulnerability (CVE-2025-14847) on Dec. 19 and a few days later, a public exploit for it appeared online.
Is Kevin McCallister the Greatest Hacker in Movie History?
There may not be any computers in Home Alone, but few movie characters embody the old-school hacker ethos like Kevin McCallister does.
Threat Actors Target Unpatched Cisco AsyncOS Zero-Day
Threat actors are exploiting an unpatched zero-day vulnerability in Cisco AsyncOS software.