by bor1cua | May 29, 2026 | Cybersecurity Resources
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. “Kimsuky employed a range of tailored...
by bor1cua | May 29, 2026 | Cybersecurity Resources
Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. “The campaign abused trusted endpoint management infrastructure to deliver...
by bor1cua | May 29, 2026 | Cybersecurity Resources
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system....
by bor1cua | May 29, 2026 | Cybersecurity Resources
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a...
by bor1cua | May 29, 2026 | Cybersecurity Resources
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed....
by bor1cua | May 28, 2026 | Cybersecurity Resources
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named “mouse5212-super-formatter,” is designed to upload files from...
