Category: Cyber Security News

A sophisticated new cyberattack chain dubbed “KongTuke” has been uncovered by cybersecurity researchers, targeting unsuspecting internet users through compromised legitimate websites. Detailed in a report by Bradley Duncan of Palo Alto Networks’ Unit 42 team, this attack leverages malicious scripts…

Read more →

A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration, but its prominence has made it a target for exploitation. In Kubernetes, Ingress serves as…

Read more →

Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and Marianna Tishchenko from the Sec-Gemini team unveiled a new AI model designed to help cybersecurity…

Read more →

Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The milestone event, held at Microsoft’s Redmond, Washington headquarters, blended nostalgia with cutting-edge AI advancements, particularly…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its Known Exploited Vulnerabilities (KEV) Catalog. This stack-based buffer overflow, actively exploited since mid-March 2025, allows…

Read more →

Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited in the wild. This stack-based buffer overflow flaw, with a CVSS score of 9.0, has…

Read more →

Endpoint management tools are critical for organizations to efficiently manage and secure devices such as desktops, laptops, mobile devices, and IoT systems. These tools provide centralized control, allowing IT teams to enforce security policies, deploy software updates, and monitor device…

Read more →

Cybersecurity search engines are specialized tools designed to empower professionals in identifying vulnerabilities, tracking threats, and analyzing data effectively. These platforms offer a wealth of information that generic search engines cannot provide, making them indispensable for cybersecurity researchers and professionals.…

Read more →

A notorious threat actor operating under the alias “EncryptHub” has been exposed due to a series of operational security failures and unconventional use of AI tools. This Ukrainian cybercriminal, who fled his hometown approximately a decade ago, has been orchestrating…

Read more →

IT asset management (ITAM) software has become essential for businesses to efficiently track, manage, and optimize their hardware, software, and cloud resources. As we approach 2025, the landscape of ITAM tools continues to evolve, offering more advanced features and capabilities.…

Read more →

Password managers help to securely store and manage passwords, enhancing security and simplifying access across various platforms. Top password management solutions make password protection easy and effective for online security. These solutions securely store your passwords in a virtual safe…

Read more →

Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors impersonate recruitment professionals to distribute dangerous malware payloads. On November 29, 2024, threat actors were found impersonating Dev.to, a popular developer community, to distribute malicious code hidden within project…

Read more →

A deceptive phishing campaign targeting mobile users with fake unpaid toll notifications has intensified significantly in recent months, evolving into one of the most sophisticated SMS-based credential theft operations currently active. This scheme represents a tactical shift in phishing methodology,…

Read more →

A sophisticated phishing campaign dubbed “PoisonSeed” has emerged targeting customer relationship management (CRM) and bulk email service providers in a concerning supply chain attack. The operation leverages compromised email infrastructure to distribute malicious content aimed at cryptocurrency wallet holders, particularly…

Read more →

Cybercriminals are intensifying their efforts to exploit taxpayers through sophisticated phishing campaigns. These campaigns utilize tax-related themes as social engineering lures to steal credentials and deploy malware. What distinguishes this year’s attacks is the increased use of redirection methods such…

Read more →

A new type of Android spyware that requires a password for uninstallation has been identified, making it increasingly difficult for victims to remove the malicious software from their devices. A stealthy phone monitoring app that effectively blocks device owners from…

Read more →

The State Bar of Texas has confirmed a significant data security incident that occurred in early 2025, compromising sensitive information of its members and clients. The breach, which was discovered on February 12, 2025, involved unauthorized access to the organization’s…

Read more →

Extended Detection and Response (XDR) is a unified security incident platform that leverages AI and automation to protect organizations against advanced cyberattacks. XDR expands upon traditional endpoint detection and response (EDR) by integrating data from multiple sources, including endpoints, networks,…

Read more →

A sophisticated malware campaign dubbed “Clickfix” has emerged, targeting users through deceptive browser notifications and pop-ups that prompt immediate action through “Fix Now” and “Bot Verification” buttons. When triggered, these seemingly harmless prompts initiate a multi-stage infection chain that deploys…

Read more →

A concerning trend in digital attacks: threat actors are weaponizing PDF files. According to CheckPoint Research, while 68% of all malicious attacks are delivered through email, PDF-based attacks now constitute 22% of all malicious email attachments, making them a significant security…

Read more →

A critical remote code execution (RCE) vulnerability has been discovered in Apache Parquet’s Java library, potentially affecting thousands of data analytics systems worldwide.  The flaw, identified as CVE-2025-30065, carries the highest possible CVSS score of 10.0 and allows attackers to…

Read more →

A sophisticated malicious Python package named “disgrasya” has been discovered on the PyPI repository, containing a fully automated carding script specifically targeting WooCommerce stores. This package, whose name translates to “disaster” in Filipino slang, enables attackers to test stolen credit…

Read more →

A concerning security vulnerability has emerged in the AI landscape as researchers discover that DeepSeek-R1’s Chain of Thought (CoT) reasoning system can be exploited to create sophisticated malware and generate convincing phishing campaigns. The 671-billion-parameter model, designed to enhance reasoning…

Read more →

A sophisticated new credit card skimming operation dubbed “RolandSkimmer” has emerged, targeting users primarily in Bulgaria through malicious browser extensions. Named after the unique string “Rol@and4You” embedded in its payload, this attack represents a concerning evolution in web-based financial theft…

Read more →

Multiple major Australian superannuation funds have fallen victim to a sophisticated cyberattack that has compromised thousands of member accounts and resulted in confirmed financial losses.  Cybersecurity experts have identified the attack as a coordinated OAuth token manipulation campaign coupled with…

Read more →

A critical security vulnerability, CVE-2025-31137, has been identified in React Router, a popular library used by millions of developers for managing routing in React applications.  Security researchers from zhero_web_security discovered this flaw, which affects both React Router 7 and Remix…

Read more →

Frida 16.7.0, the latest version of the popular dynamic instrumentation toolkit, has powerful new APIs specifically designed for advanced threat monitoring and security analysis.  This major update, announced on March 13, 2025, introduces groundbreaking capabilities that significantly enhance the toolkit’s…

Read more →

Security researchers have identified a critical vulnerability in Ivanti Connect Secure (ICS) VPN appliances that is being actively exploited by suspected Chinese threat actors. The vulnerability, tracked as CVE-2025-22457, is a buffer overflow flaw affecting ICS version 22.7R2.5 and earlier…

Read more →

A critical security vulnerability in OpenVPN has been discovered that could allow attackers to crash servers, potentially disrupting secure communications for thousands of users worldwide.  The vulnerability, identified as CVE-2025-2704, affects OpenVPN versions 2.6.1 through 2.6.13 when configured with the…

Read more →

A critical security vulnerability in Apache Traffic Server (ATS) has been discovered. By exploiting how the server processes chunked messages, attackers can perform request smuggling attacks.  The vulnerability, tracked as CVE-2024-53868, affects multiple versions of this high-performance HTTP proxy server…

Read more →

Oracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking the second cybersecurity incident disclosed by the company in recent weeks. The breach, initially reported by a threat actor on Breachforums on March 20, 2025, has…

Read more →

CISA warns of threat actors’ increasing adoption of the fast flux technique to evade detection and conceal malicious server infrastructures. As cybercriminal operations grow increasingly sophisticated, threat actors adopt advanced techniques like fast flux to mask malicious infrastructure, evade defensive measures, and…

Read more →

A sophisticated phishing campaign has emerged targeting users of Monex Securities, one of Japan’s largest online brokerage platforms formed through the merger of Monex, Inc. and Nikko Beans, Inc. Since early April 2025, attackers have deployed a series of fraudulent…

Read more →

A sophisticated ransomware operation known as Hunters International emerged in October 2023, with strong evidence suggesting connections to the formerly dismantled Hive ransomware group. The initial attack was documented on October 13, 2023, when the group disclosed their first victim—an…

Read more →

A sophisticated cyber campaign leveraging the DarkCloud information stealer has targeted Spanish organizations across multiple critical sectors since early April 2025. The malware, distributed via weaponized .TAR archives embedded in phishing emails, exploits billing-themed lures to compromise technology, legal, financial,…

Read more →

A sophisticated web skimming campaign that employs a novel technique leveraging Stripe’s legacy API to validate payment card details before exfiltration.  This tactic ensures attackers collect only valid payment information, making their operation more efficient while reducing the chances of…

Read more →

A highly sophisticated Russian threat actor known as Seashell Blizzard (also tracked as APT44, Sandworm, and Voodoo Bear) has been conducting extensive cyber operations against organizations worldwide. Linked to Russian Military Intelligence Unit 74455 (GRU), this adversary has targeted critical…

Read more →

A sophisticated ransomware attack targeted Managed Service Providers (MSPs) through well-crafted phishing emails designed to appear as authentication alerts for their ScreenConnect Remote Monitoring and Management (RMM) tool. This attack resulted in the deployment of Qilin ransomware across multiple customer…

Read more →

A sophisticated cyber espionage campaign dubbed “Operation HollowQuill” has been uncovered targeting academic institutions and government agencies worldwide through weaponized PDF documents. The operation employs social engineering tactics, disguising malicious PDFs as research papers, grant applications, or government communiqués to…

Read more →

A new generation of sophisticated AI-powered Gray Bots has emerged, targeting web applications with unprecedented intensity. These bots utilize machine learning to mimic human behavior while generating over 17,000 requests per hour. Unlike traditional attacks, they adjust traffic patterns to…

Read more →

Attackers are actively exploiting a critical authentication bypass vulnerability in SonicWall firewalls to gain unauthorized network access.  The vulnerability tracked as CVE-2024-53704, with a critical CVSS score of 9.8, allows remote attackers to hijack active SSL VPN sessions without requiring…

Read more →

A dangerous partnership has emerged in the cybercriminal landscape, as EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has begun working with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations. This collaboration, identified through shared indicators of compromise (IOCs) and tactics,…

Read more →

Cisco disclosed a critical security vulnerability affecting Cisco Meraki MX and Z Series devices, which presents significant risks to enterprise networks.  The vulnerability tracked as CVE-2025-20212 and associated with allows authenticated remote attackers to trigger denial of service (DoS) conditions…

Read more →

Cybersecurity experts have uncovered a sophisticated malware campaign that initially exploited the popular DeepSeek LLM as a lure but has now expanded significantly. In early March 2025, researchers identified malicious operations using DeepSeek as bait, but subsequent telemetry analysis has…

Read more →

Recent network monitoring data from SANS reveals a significant spike in targeted scans seeking to exploit default credentials in Juniper Networks’ Session Smart Router (SSR) platform.  Security researchers have observed a massive coordinated campaign attempting to identify and compromise vulnerable…

Read more →

A new sophisticated attack campaign targeting Apache Tomcat servers has emerged, with attackers deploying encrypted and encoded payloads designed to run on both Windows and Linux systems. The attack chain begins with brute-force attempts against Tomcat management consoles using commonly…

Read more →

A new Remote Access Trojan (RAT) dubbed “SnowDog RAT” is malicious software purportedly marketed for $300 per month. It appears to have been specifically developed for corporate espionage and targeted attacks on business environments.  The malware advertisement, discovered on Thursday,…

Read more →

A sophisticated new malware campaign targeting the magic community has emerged. Dubbed “AbracadabraStealer,” this malware steals login credentials from magic forums, online shops, and streaming platforms where enthusiasts store payment information. The attackers have crafted a particularly deceptive operation that…

Read more →

The Jenkins project has disclosed multiple security vulnerabilities affecting its core platform and several plugins, exposing organizations to potential data breaches and code execution attacks.  Eight distinct vulnerabilities observed across Jenkins core and various plugins that could allow attackers to…

Read more →

Critical vulnerabilities in Google’s Quick Share file transfer utility for Windows allowed attackers to achieve remote code execution (RCE) without user interaction.  The flaws exposed millions of Windows users to potential attacks through this peer-to-peer data transfer application. Ten unique…

Read more →

A sophisticated malware campaign leveraging SmokeLoader has been identified targeting the First Ukrainian International Bank. Attackers are using weaponized 7z archives as the initial attack vector, leading to the deployment of infostealer malware through a complex infection chain. The attack…

Read more →

A sophisticated attack campaign targeting Telegram users has emerged, with cybercriminals exploiting a commonly overlooked vulnerability: default voicemail passwords. Security experts have identified a surge in account hijacking incidents, particularly in Israel, where attackers leverage voicemail systems to intercept authentication…

Read more →

A widespread cryptojacking campaign targeting poorly secured PostgreSQL database servers has impacted over 1,500 victims globally. The attack leverages fileless execution techniques and credential brute-forcing to deploy Monero (XMR)-mining malware while evading traditional cloud workload protection (CWPP) tools. Security analysts…

Read more →

A critical security vulnerability in the Verizon Call Filter iOS app exposed the incoming call records of potentially millions of Verizon Wireless customers, allowing unauthorized access to sensitive communication metadata without device compromise or user notification.  Independent security researcher Evan…

Read more →

GitHub has revealed that over 39 million secrets were leaked across its platform in 2024 alone, prompting the company to launch new security tools to combat this persistent threat.  The exposed secrets include API keys, credentials, tokens, and other sensitive…

Read more →

GoResolver, a ground-breaking open-source tool, was unveiled to address one of the most persistent issues in malware analysis: deobfuscating Golang binaries.  Developed by Volexity, this innovative solution employs control-flow graph similarity techniques to recover obfuscated function names, significantly enhancing reverse…

Read more →

In one of the largest coordinated law enforcement operations against online child exploitation, authorities have dismantled Kidflix, a major streaming platform for child sexual abuse material (CSAM) that had amassed 1.8 million users worldwide.  The international operation codenamed “Operation Stream,”…

Read more →

Companies evaluate their cybersecurity posture and protect network infrastructure implementations by employing cybersecurity experts to undertake security assessments. The organization may engage penetration testers to conduct offensive attacks against the established security measures for the infrastructure. The company will concurrently…

Read more →

A new sophisticated phishing campaign leveraging QR codes to steal Microsoft 365 login credentials has emerged in the cybersecurity landscape. This attack represents a significant evolution in phishing tactics, combining social engineering with technical sophistication to bypass traditional email security…

Read more →

A newly disclosed vulnerability in WinRAR allows attackers to bypass a core Windows security mechanism, enabling arbitrary code execution on affected systems. Tracked as CVE-2025-31334, this flaw impacts all WinRAR versions before 7.11 and has been assigned a CVSS score…

Read more →

Cybersecurity experts observed the emergence of a concerning trend in which ransomware attacks leveraging malware created with an open-source tool called “Prince Ransomware.” This Go-language builder was freely available on GitHub, significantly lowering the technical barrier for attackers to launch…

Read more →

Two critical vulnerabilities were actively exploited in Cisco Smart Licensing Utility, potentially allowing attackers to gain administrative access to affected systems.  Organizations running vulnerable software versions are urged to apply patches immediately as exploitation attempts continue to increase. According to…

Read more →

The notorious Gootloader malware has reemerged with evolved tactics, now leveraging Google Search advertisements to target users seeking legal document templates. This sophisticated campaign specifically promotes “free” legal templates, primarily non-disclosure agreements, through sponsored search results that appear legitimate to…

Read more →

ChatGPT, the popular AI chatbot developed by OpenAI, experienced a significant outage on April 2, 2025. The outage impacted thousands of users globally and left many users unable to access the service. Users in India, the United States, and other…

Read more →

Outlaw has emerged as a persistent Linux malware that continues to infect systems worldwide despite its relatively unsophisticated techniques. This malware has demonstrated remarkable longevity in the threat landscape by leveraging simple yet effective tactics such as SSH brute-forcing, strategic…

Read more →

Critical security vulnerabilities discovered in a popular WordPress plugin have placed more than 20,000 websites at risk of complete site takeover.  Security researchers identified two high-severity flaws in the WP Ultimate CSV Importer plugin that could allow even low-privileged users…

Read more →

French antitrust regulators have imposed a €150 million ($162.4 million) fine on Apple for abusing its dominant market position through its App Tracking Transparency (ATT) framework, marking the first regulatory penalty specifically targeting this privacy control mechanism. The French Competition…

Read more →

A significant security vulnerability in Google Cloud Platform (GCP) that could have allowed attackers to access private container images stored in Google Artifact Registry and Google Container Registry.  The vulnerability, dubbed “ImageRunner,” has been fixed but highlights a concerning privilege…

Read more →

Mozilla has officially released Firefox 137, addressing multiple high-severity security vulnerabilities that could potentially allow remote attackers to execute arbitrary code, trigger denial of service conditions, or elevate privileges on affected systems.  This critical security update, announced on April 1,…

Read more →

The most common passwords hackers are using in attacks against Remote Desktop Protocol (RDP) services, highlighting critical vulnerabilities in many organizations’ security postures.  The Specops research team analyzed 15 million passwords used in live attacks against RDP ports, revealing that…

Read more →

Web browsing history, a feature designed to enhance user convenience by styling visited links differently, has inadvertently become a privacy vulnerability exploited by attackers.  While this functionality helps users navigate websites by visually distinguishing visited links, it also opens the…

Read more →

Google has launched a new end-to-end encryption (E2EE) model for Gmail enterprise users, marking a significant advancement in email security that allows business customers to send fully encrypted emails to any recipient with minimal technical complexity.  Announced on April 1,…

Read more →

Cybersecurity researchers have discovered a sophisticated new Android malware called “Salvador Stealer” that targets banking credentials and one-time passwords (OTPs) through an elaborate phishing scheme. This multi-stage malware masquerades as legitimate banking applications to trick users into revealing sensitive financial…

Read more →

Google has rolled out a critical security update for Chrome 135 across all desktop platforms. The update addresses fourteen vulnerabilities, including high-severity flaws that could enable remote code execution. The stable channel update (135.0.7049.52 for Linux, 135.0.7049.41/42 for Windows/macOS) comes…

Read more →

Cybersecurity researchers have uncovered a sophisticated new attack method that exploits wireless communication channels to create covert backdoors, enabling threat actors to capture sensitive credentials without detection. This technique, dubbed “Channel Triggered Backdoor Attack,” manipulates subtle variations in wireless signals…

Read more →

A significant surge in cyberattacks targeting enterprise network appliances and remote access tools has put global organizations on high alert.  On March 28, 2025, GreyNoise observed a 300% increase in malicious activity directed at SonicWall firewalls, Zoho ManageEngine platforms, F5…

Read more →

In a concerning development for Linux kernel security, researchers have demonstrated how side-channel leakage in kernel defenses can be exploited to compromise even the latest Linux kernels. The technique, detailed in a USENIX Security paper, reveals how certain kernel defenses…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories on April 1, 2025, highlighting significant vulnerabilities in critical infrastructure components.  These advisories, ICSA-25-091-01 and ICSA-24-331-04, address security flaws in Rockwell Automation and Hitachi Energy products…

Read more →

Sliver, a multi-platform Command & Control framework written entirely in Go, has gained significant traction in offensive security since its 2020 release. The framework provides red teams with powerful post-exploitation capabilities, but as its user base has expanded, detection has…

Read more →

Python has officially standardized a lock file format with the acceptance of PEP 751 marking a significant milestone for the Python packaging ecosystem. The new format, named pylock.toml, addresses long-standing issues with dependency management by providing a standardized way to…

Read more →

Ransomware has emerged as one of the most devastating cyberthreats facing organizations today, capable of bringing even thriving businesses to their knees within hours. As digital transformation accelerates across sectors, the attack surface for these malicious campaigns continues to expand,…

Read more →

Cybersecurity experts have identified a sophisticated phishing campaign specifically targeting taxpayers through their mobile devices. The attacks leverage the heightened anxiety of last-minute tax filers, creating a perfect storm for cybercriminals looking to harvest sensitive personal and financial information. These…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Apache Tomcat vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog following evidence of active exploitation in the wild.  The vulnerability, tracked as CVE-2025-24813, allows remote attackers to execute arbitrary…

Read more →

Cybersecurity researchers identified a sophisticated malware campaign leveraging a new variant of KoiLoader, a modular payload delivery system notorious for distributing information stealers like Koi Stealer. This updated strain employs PowerShell scripts embedded within Windows shortcut (LNK) files to bypass…

Read more →

A sophisticated multi-stage attack where threat actors leverage Microsoft Teams to deliver malicious payloads, establishing persistence and remote access to corporate networks.  This new attack vector exploits Teams’ perceived security as an internal business application, allowing attackers to bypass traditional…

Read more →

A sophisticated cyber espionage campaign attributed to Iranian state-sponsored group APT34 (OilRig) has targeted Iraqi governmental entities and critical infrastructure sectors since late 2024, leveraging new malware variants designed to evade conventional security measures. The group, active since 2012, has…

Read more →

Threat hunting isn’t just a job — it’s an adventure. There’s a thrill in proactively chasing down adversaries who think they’ve outsmarted your defenses. It’s this blend of challenge, creativity, and impact that makes threat hunting not only fun but…

Read more →

A critical security flaw in Kentico Xperience CMS, a widely used enterprise content management system (CMS), has been uncovered. By exploiting a Cross-Site Scripting (XSS) vulnerability, attackers can execute remote code.  This vulnerability, tracked as CVE-2025-2748, affects versions of Kentico…

Read more →

Researchers from Xi’an Jiaotong University have introduced EncGPT, an AI-powered multi-agent framework that dynamically generates encryption and decryption rules. This innovation addresses critical challenges in communication security, balancing cost-efficiency and high-level encryption reliability. EncGPT leverages large language models (LLMs) to…

Read more →

VMware has issued a critical security advisory (VMSA-2025-0006) addressing a high-severity local privilege escalation vulnerability (CVE-2025-22231) in its Aria Operations platform. The flaw, rated 7.8 on the CVSSv3 scale, allows attackers with local administrative access to gain root-level control over…

Read more →

A critical security vulnerability in Plantronics Hub software enables attackers to escalate privileges through an unquoted search path weakness. Affecting versions 3.24.5 through 3.25.2, this vulnerability becomes particularly dangerous when installed alongside OpenScape Fusion for MS Office, which is often…

Read more →

HijackLoader, a sophisticated malware loader initially discovered in 2023, has evolved with new advanced modules designed to evade security detection and analysis. Also known as IDAT Loader and GHOSTPULSE, this modular malware not only delivers second-stage payloads but also employs…

Read more →

A significant data breach has hit Samsung Germany as threat actor “GHNA” has released 270,000 customer support tickets for free on hacking forums.  The breach, which occurred in March 2025, exposes extensive personal and transactional data from Samsung’s German operations…

Read more →

A high-severity security vulnerability (CVE-2025-1449) affecting its Verve Asset Manager product could allow attackers with administrative access to execute arbitrary commands.  The vulnerability, discovered in versions 1.39 and earlier, has been assigned a CVSS Base Score of 9.1 (v3.1), indicating…

Read more →

Penetration testing, also known as ethical hacking, is a critical process in cybersecurity aimed at identifying and addressing vulnerabilities within systems, networks, and applications. By simulating real-world attacks, penetration testing helps organizations uncover weaknesses before malicious actors can exploit them.…

Read more →

Check Point Software Technologies has confirmed a data breach following claims by threat actor CoreInjection on March 30th, 2025, but insists the incident is an “old, known and very pinpointed event” from December 2024 that had already been addressed.  The…

Read more →

Linux Lite 7.4 Final has officially been released and is now available for download. This latest iteration of the lightweight Linux distribution brings several GUI improvements, bug fixes, and code updates while maintaining its focus on user-friendly computing for both…

Read more →

Microsoft has discovered multiple critical vulnerabilities affecting widely used bootloaders including GRUB2, U-Boot, and Barebox. These security flaws potentially expose systems to sophisticated boot-level attacks that could compromise devices before operating systems even initialize, allowing attackers to gain persistent and…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following confirmation of active exploitation in the wild.  The flaw, identified as CVE-2024-20439, affects the Cisco Smart Licensing Utility (CSLU)…

Read more →

Security researchers have confirmed active exploitation attempts targeting the critical authentication bypass vulnerability in CrushFTP (CVE-2025-2825) following the public release of proof-of-concept exploit code.  Based on Shadowserver Foundation’s most recent monitoring data, approximately 1,512 unpatched instances remain vulnerable globally as…

Read more →