Anthropic accused DeepSeek, Moonshot AI, and MiniMax of orchestrating large-scale distillation attacks against Claude models. The Chinese labs used 24,000 fake accounts to extract over…
Conduent Business Services suffered a massive data breach from October 21, 2024, to January 13, 2025. Ransomware group Safepay claims responsibility for stealing 8+ terabytes…
Elastic Security Labs uncovered MIMICRAT, a custom C++ remote access trojan spreading via “ClickFix” attacks on compromised legitimate websites. Malicious JavaScript injects fake Cloudflare verification pop-ups…
Microsoft 365 Multi-Factor Authentication failed for North American users starting February 23, 2026, at 8:22 PM IST. Widespread 504 Gateway Timeout errors block MFA verification…
Starkiller, a new phishing-as-a-service platform by Jinkusu group, proxies legitimate login pages to defeat multi-factor authentication. Attackers load real brand websites dynamically through malicious servers, capturing…
North Korean threat actors run dual operations targeting developers worldwide. Contagious Interview tricks candidates into running malware during fake technical interviews. Fake IT workers embed inside real…
jsPDF developers face a critical vulnerability in the popular PDF generation library. CVE-2026-25755 (CVSS 8.8) affects the addJS method, allowing attackers to inject arbitrary PDF objects and actions…
HPE released a security bulletin on February 19, 2026, warning of CVE-2025-12543 affecting Telco Service Activator. The critical flaw (CVSS 9.6) stems from improper Host…
A threat actor claimed on February 22, 2026, to have breached the Wendy’s International Franchise Database. The leak allegedly exposes franchisee contacts, operational configs, and…
OWASP released the Smart Contract Top 10 for 2026, ranking the most dangerous smart contract flaws based on 2025 incidents. This awareness document guides Web3…
November 21, 2025
1 comment 
