Oracle still hasn't patched the vulnerability the group has been using in its attacks since late May.

When a researcher went public with Microsoft vulnerabilities, it laid bare a conflict that has never really been solved.

Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain.

Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product.

The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.

Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix.

Voice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics.

The global campaign marks the second series of multiple actively exploited zero-day vulnerabilities in Cisco edge technology since last spring. The similarities don’t end there.

Additionally, the U.S. Treasury sanctioned the Russian zero-day brokerage that Peter Williams sold the exploits to.

The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.