In an era where deep learning models increasingly power critical systems from self-driving cars to medical devices, security researchers have unveiled DeBackdoor, an innovative framework designed to detect stealthy backdoor attacks before deployment. Backdoor attacks, among the most effective and…
Tag: Cyber Security News
Red Team Activities Turn More Sophisticated With the Progress of Artificial Intelligence
Artificial intelligence has dramatically transformed the cybersecurity landscape, with red team activities increasingly leveraging sophisticated AI-driven techniques to simulate advanced persistent threats. These AI-enhanced red teams can now automate the process of penetrating targets and collecting sensitive data at unprecedented…
New Python-Based Discord RAT Attacking Users to Steal Login Credentials
A sophisticated Python-based Remote Access Trojan (RAT) leveraging Discord as its command and control infrastructure has been identified targeting users worldwide. This malware enables attackers to execute arbitrary system commands, capture screenshots, and most critically, steal saved login credentials from…
Russian Hackers Pose as CIA to Steal Ukraine Defense Intelligence Data
In a sophisticated cyber espionage campaign recently uncovered, Russian hackers have been impersonating the U.S. Central Intelligence Agency (CIA) and other organizations to harvest sensitive information from Ukrainian sympathizers and potential Russian defectors. The operation utilizes carefully crafted phishing websites…
PJobRAT Android RAT Posing as Dating & Instant Messaging Apps Attacks Military Personnel
PJobRAT, an Android Remote Access Trojan (RAT) first observed in 2019, has recently resurfaced with enhanced capabilities and a refined targeting strategy. The malware, initially documented targeting Indian military personnel in 2021, has evolved to compromise users in Taiwan through…
SHELBY Malware Steals Data, Abusing GitHub as Command-and-Control Server
A sophisticated new data theft malware strain dubbed “SHELBY” has emerged in the cybersecurity landscape, targeting primarily financial institutions and healthcare organizations across North America and Europe. The malware employs a multi-stage infection process that begins with phishing emails containing…
Threat Actors Hacked 150,000 Sites to Redirect Visitors to Chinese Gambling Sites
A massive website hijacking campaign has been uncovered, affecting approximately 150,000 websites with malicious full-page redirects to Chinese gambling platforms. The attack, which first emerged in February 2025 targeting around 35,000 sites, has rapidly expanded its reach, demonstrating the threat…
RansomHub’s EDRKillShifter Linked With Other Well-Established Ransomware Gangs – New Research
RansomHub emerged in February 2024, just as Operation Cronos dismantled major ransomware players BlackCat and LockBit. This new ransomware-as-a-service operation quickly attracted affiliates with generous terms—keeping 90% of ransom payments and offering direct wallet transfers. By July 2024, RansomHub had…
FamousSparrow APT Attacking Hotels & Engineering Companies With New Backdoor Versions
In a recent discovery, cybersecurity experts have identified renewed activity from FamousSparrow, a China-aligned APT group previously thought to be inactive since 2022. The threat actor has resurfaced with two previously undocumented versions of its signature backdoor, SparrowDoor, targeting organizations…
PlayBoy Locker Ransomware Attacking Windows, NAS and ESXi Operating Systems
A new ransomware variant known as PlayBoy Locker has emerged, targeting multiple operating systems including Windows, NAS, and ESXi. First discovered in September 2024, this malware initially operated as a Ransomware-as-a-Service (RaaS) platform, offering cybercriminals a versatile tool for their…
Hackers Abuse MailChimp Email Marketing Platform via Phishing and Social Engineering Tactics
Hackers have launched sophisticated attacks targeting MailChimp, one of the most widely used email marketing platforms. These attacks leverage advanced phishing techniques and social engineering tactics to gain unauthorized access to corporate MailChimp accounts, potentially exposing sensitive subscriber data and…
Redcurl Actors’ New Ransomware Exclusively Attacks Hyper-V Servers
A new ransomware strain has been discovered targeting virtualized environments, specifically Microsoft Hyper-V servers. This targeted approach marks a significant evolution in ransomware tactics, as the malware focuses exclusively on hypervisors rather than encrypting all endpoint devices, creating maximum damage…
Blacklock Ransomware Infrastructure Infiltrated to Uncover Their Planned Attacks
Blacklock ransomware, also known as “El Dorado” or “Eldorado,” emerged as one of the most aggressive ransomware-as-a-service (RaaS) operations in early 2025. The group rapidly accelerated attacks across multiple sectors including electronics, academia, religious organizations, defense, healthcare, technology, and government…
Cloudflare Announces OpenPubkey SSH to Integrate Single Sign-On With SSH
Cloudflare announced the open-sourcing of OPKSSH (OpenPubkey SSH) on March 25, 2025. This technology integrates single sign-on (SSO) with SSH authentication, eliminating the need for manual SSH key management. Previously owned by BastionZero (acquired by Cloudflare), the code has been…
Meta AI Will Begin Rolling Out Across 41 European Countries
After nearly a year of regulatory hurdles, Meta has finally begun deploying its conversational AI assistant across the European Union and neighboring countries this week. The rollout, which covers 41 European countries and 21 overseas territories, marks Meta’s largest global…
GLPI Open-source ITSM Tool Vulnerability Lets Attackers Inject Malicious SQL Queries
A critical vulnerability in GLPI, a widely-used open-source IT Service Management (ITSM) platform tracked as CVE-2025-24799, enables unauthenticated attackers to perform SQL injection attacks through the inventory endpoint. This flaw can lead to remote code execution (RCE), potentially resulting in…
Kuala Lumpur Airport Suffered Cyberattack – Hackers Demanded US$10 Million Ransom
Malaysia’s Prime Minister Anwar Ibrahim confirmed on Tuesday that hackers demanded a US$10 million ransom following a sophisticated cyberattack that disrupted critical systems at Kuala Lumpur International Airport (KLIA) over the weekend. The security breach, which occurred on March 23,…
Weaponized Google Ads Attacking DeepSeek Users to Deliver Malware
Cybercriminals have launched a sophisticated attack campaign leveraging Google’s sponsored search results to target users searching for DeepSeek, the increasingly popular AI platform. The attack uses convincingly crafted fake advertisements that appear at the top of Google search results, mimicking…
Mozilla Releases Urgent Patch for Windows Users Following Recently Exploited Chrome Zero-day
Mozilla has released an emergency security update for its Firefox browser on Windows systems to address a critical vulnerability that could allow attackers to escape browser sandboxes and potentially gain control of affected systems. The patch comes shortly after Google…
New Lucid PhAAS Platform Leveraging RCS & iMessage to Bypass Detections
A sophisticated new phishing platform named Lucid has emerged as a significant cybersecurity threat, targeting 169 entities across 88 countries globally. Developed by Chinese-speaking threat actors, this Phishing-as-a-Service (PhAAS) platform operates through 129 active instances and over 1,000 registered domains.…
Tor Browser 14.0.8 Released Emergency Update for Windows Users
The Tor Project has issued an emergency update for Windows users on March 27, 2025, releasing Tor Browser 14.0.8 with critical security patches. This Windows-only release addresses “very urgent” security vulnerabilities in Firefox, the browser framework underpinning Tor Browser, and…
CISA Warns of Google Chrome Zero-day Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical zero-day vulnerability in Google Chrome that is actively being exploited in the wild. The vulnerability, identified as CVE-2025-2783, affects the Chromium-based browsers on Windows systems…
Arkana Ransomware Group Claims Compromise of US Telecom Companies
The largest US internet provider, WideOpenWest (WOW!), has allegedly been compromised by Arkana Security, a recently discovered ransomware group. The attack, which security researchers trace to an infostealer infection from September 2024, has reportedly compromised over 403,000 customer accounts and granted…
Cloud Attacks Rise Fivefold, Targeting Sensitive IAM Service Accounts
Organizations are facing an unbelievable surge in cloud-based security threats, with attacks nearly five times more frequent at the end of 2024 compared to the beginning of the year. Most concerning is the targeted attack on Identity and Access Management…
GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries
A new botnet named “GorillaBot” has orchestrated over 300,000 attack commands across more than 100 countries within a span of just three weeks. Built on the infamous Mirai botnet framework, GorillaBot represents a sophisticated malware evolution. It leverages advanced encryption…
Windows Server 2025 Security Update Freezes Remote Desktop Session Connections
A recent security update for Windows Server 2025, released on February 11, 2025 (KB5051987), has caused a significant issue for users relying on Remote Desktop Protocol (RDP). The update, part of Microsoft’s February Patch Tuesday, has led to RDP sessions…
Windows 11 January 2025 Preview Update Disconnects Remote Desktop Sessions
Microsoft’s January 2025 Windows preview update (KB5050094) for Windows 11 version 24H2 has caused significant issues with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS). Users have reported unexpected disconnections, particularly after the release of the March 2025…
Classiscam Actors Automate Malicious Websites To Steal Financial Data
Online marketplaces have become increasingly popular in developing countries since 2015, providing platforms for trading various goods from used electronics to brand-new items. This digitalization trend, however, has created fertile ground for sophisticated scam operations. Among these, Classiscam has emerged…
Hackers Abuse COM Objects for Fileless Malware Lateral Movement
A sophisticated technique was recently detected by researchers where attackers abuse Component Object Model (COM) objects to execute fileless malware for lateral movement across networks. This technique, detailed in research from March 2025, leverages legitimate Windows functionality to establish persistence…
CISA Adds Sitecore CMS Code Execution Vulnerabilities to List of Known Exploited Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical Sitecore CMS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities, CVE-2019-9874 and CVE-2019-9875, both affect the Sitecore.Security.AntiCSRF…
NSW Online Registry Website Breach – 9,000+ Files Stolen by Hackers
In a significant cybersecurity incident, approximately 9,000 sensitive court documents have been illegally downloaded from the NSW Online Registry Website (ORW), which authorities are calling a “major data breach.” The attack has triggered an immediate investigation by the NSW Police…
Synology Mail Server Flaw Lets Remote Attackers Tamper With System Configuration
A moderate-severity vulnerability has been identified in Synology Mail Server. It allows remote authenticated attackers to read and write non-sensitive settings and disable certain non-critical functions. The security flaw, tracked as CVE-2025-2848, affects multiple versions of the popular mail server software and…
Threat Actors Using Powerful Cybercriminal Weapon ‘Atlantis AIO’ to Automate Credential Stuffing Attacks
Credential stuffing has emerged as one of the most pervasive and effective attack vectors in today’s cybersecurity landscape. This technique, which leverages stolen username and password combinations across multiple platforms, has been significantly enhanced through a sophisticated automation tool called…
B1ack’s Stash Marketplace Actors Release 4 Million Stolen Credit Card Details for Free
Dark web carding marketplace B1ack’s Stash has announced the release of 4 million stolen credit card details at no cost to cybercriminals. This massive data leak, publicized on February 19, 2025, represents one of the largest freely distributed caches of…
PoC Exploit Released for Ingress-NGINX Remote Code Execution Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical remote code execution vulnerability in Kubernetes Ingress-NGINX controllers, tracked as CVE-2025-1974. The vulnerability, uncovered by Wiz, affects the validation webhook component and could allow attackers to execute arbitrary code on affected systems, potentially…
Pakistan APT Hackers Create Weaponized IndiaPost Website to Attack Windows & Android Users
Cybersecurity researchers have uncovered a sophisticated attack campaign leveraging a fraudulent website that impersonates the Indian Post Office to deliver malware to both Windows and Android users. The fake website, hosted at postindia[.]site, employs device detection techniques to serve tailored…
CodeQLEAKED – GitHub Supply Chain Attack Allows Code Execution Using CodeQL Repositories
A significant vulnerability in GitHub’s CodeQL actions could have permitted attackers to execute malicious code across hundreds of thousands of repositories. The vulnerability, assigned CVE-2025-24362, originated from a publicly exposed GitHub token in workflow artifacts that created a small but…
New Sophisticated Linux Backdoor Attacking OT Systems Exploiting 0-Day RCE
A sophisticated Linux-based backdoor dubbed “OrpaCrab” has emerged as a significant threat to operational technology (OT) systems, particularly those managing gas station infrastructure. Security researchers discovered the malware after it was uploaded to VirusTotal in January 2024 from the United…
OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure
OpenAI has dramatically increased its maximum bug bounty reward to $100,000 for exceptional critical security vulnerabilities, up from the previous cap of $20,000. This fivefold increase highlights the AI leader’s growing emphasis on cybersecurity as its models advance toward artificial…
Exim Use-After-Free Vulnerability Allows Privilege Escalation
A critical security vulnerability has been identified in the widely used Exim mail transfer agent (MTA), potentially allowing attackers with command-line access to escalate privileges on affected systems. The vulnerability, tracked as CVE-2025-30232, affects Exim versions 4.96 through 4.98.1 and…
12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform
Irish and Spanish law enforcement authorities have successfully apprehended 12 members of a high-risk criminal network in a coordinated operation spanning both countries. The arrests, announced on March 26, 2025, included six suspects in Ireland and six in Spain, all…
Splunk RCE Vulnerability Lets Attackers Execute Arbitrary Code via File Upload
Splunk has released patches to address a high-severity Remote Code Execution (RCE) vulnerability affecting Splunk Enterprise and Splunk Cloud Platform. The vulnerability, identified as CVE-2025-20229, could allow a low-privileged user to execute arbitrary code by uploading malicious files. The vulnerability…
Production Line Camera Vulnerabilities Let Attackers Stop Recordings
Critical security vulnerabilities have been identified in industrial camera systems widely deployed across Japanese manufacturing facilities, allowing malicious actors to remotely access live footage and disrupt essential production monitoring. These flaws, present in the Inaba Denki Sangyo Co., Ltd. IB-MCT001…
SectopRAT Posing as Cloudflare Turnstile Challenge Attacks Windows Users
A sophisticated new malware strain dubbed SectopRAT has emerged, leveraging Cloudflare’s Turnstile challenge system as part of its attack methodology. This Remote Access Trojan specifically targets Windows users through a multi-staged infection process that begins with seemingly legitimate CAPTCHA verification…
YouTube Creators Under Attack via Brand Collaboration Requests Using Clickflix Technique
A sophisticated phishing campaign dubbed the “Clickflix Technique” has emerged targeting YouTube content creators through seemingly legitimate brand collaboration requests. This new attack vector exploits creators’ eagerness to secure sponsorship deals by disguising malware payloads as partnership documentation. Cybercriminals initiate…
Top 3 Cyber Attacks In March 2025
March 2025 saw a sharp uptick in cyber threats that put both individual users and organizations at risk. From banking apps weaponized to steal personal data, to trusted domains abused for redirecting users to phishing traps, cybercriminals didn’t hold back.…
3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys
In a startling revelation, a new report indicates that three out of four enterprise users are uploading data to generative AI (genAI) applications, including sensitive information such as passwords and keys. This alarming trend highlights the growing risks associated with…
New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload
Malware on the NPM package registry remains active: despite a decline in malicious package numbers between 2023 and 2024, this year’s numbers do not appear to continue that downward trend. Recently, security researchers discovered two intriguing packages, ethers-provider2 and ethers-providerz, which employed sophisticated…
Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server
A critical issue affecting Windows 11 24H2 users has emerged, disrupting the connection between Veeam Recovery Media and backup servers. The problem, linked to Microsoft’s February update (KB5051987), is preventing organizations from performing data recovery operations, potentially compromising business continuity…
North Korean Kimsuky Hackers’ New Tactics & Malicious Scripts in Latest Attacks
A sophisticated cyberattack campaign attributed to the North Korean Advanced Persistent Threat (APT) group Kimsuky has been observed utilizing new tactics and malicious scripts. The attack revolves around a ZIP file containing multiple components designed to steal sensitive information from…
Your Smart TV May Bring Down the Entire Network
CYFOX has uncovered significant vulnerabilities in smart TVs that could potentially disrupt entire enterprise networks. This discovery was made possible by their groundbreaking OmniSec vCISO platform, the first GenAI-powered autonomous security and compliance agent. During the implementation of OmniSec, CYFOX…
Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections
In mid-March 2025, cybersecurity researchers uncovered “Operation ForumTroll,” targeting Russian media outlets and educational institutions. Victims are infected by clicking phishing links disguised as invitations to the “Primakov Readings” forum, requiring no further interaction for the sophisticated malware to deploy…
CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access
Two critical vulnerabilities have been identified in widely used software: CrushFTP and Next.js. CrushFTP, a file transfer solution, contains a vulnerability allowing unauthorized access through standard web ports, bypassing security measures. Additionally, Next.js, a popular React framework, suffers from CVE-2025-29927,…
Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages
Researchers have discovered a major security vulnerability affecting multiple gaming laptop models using Clevo hardware. Boot Guard private keys were found exposed within firmware update packages, potentially allowing attackers to bypass critical security protections in affected devices. Researchers at Binary…
200 Unique Domains Used by Raspberry Robin Unveiled
Raspberry Robin, a complex and evolving malware threat, has been operating since 2019, initially spreading through infected USB drives at print and copy shops. This sophisticated malware has transformed from a simple worm into a full-fledged initial access broker (IAB)…
Cloudflare Attributes Recent Service Outage to Password Rotation Error
A credential rotation error led to widespread service disruptions across multiple Cloudflare products on March 21, 2025, affecting customers globally for over an hour. The company disclosed that 100% of write operations and approximately 35% of read operations to their…
Critical NetApp SnapCenter Server Vulnerability Lets Attackers Become Admin Users
A high-severity security vulnerability discovered in NetApp SnapCenter could allow authenticated users to gain administrative privileges on remote systems, posing significant risks to organizational data and infrastructure security. Security researchers have identified this vulnerability, CVE-2025-26512, which carries a critical CVSS…
New Chrome Installer Breaks With Error “This App can’t Run on your PC” on Windows 10 & 11
Google’s Chrome browser installation process has been disrupted by a significant technical error affecting Windows users worldwide. Users attempting to install Chrome on Intel or AMD-based Windows 10 and 11 systems are encountering an error message stating “This app can’t…
DrayTek Router Vulnerabilities Exploited in the Wild – Possibly Linked to Reboot Loops
Multiple internet service providers worldwide are reporting widespread disruptions as DrayTek routers enter continuous reboot loops, affecting businesses and consumers alike. Security intelligence firm GreyNoise has identified the active exploitation of several DrayTek vulnerabilities, which could be linked to these…
New IOCONTROL Malware Attacking Critical Infrastructure to Gain Remote Access and Control
A newly identified malware strain dubbed “IOCONTROL” has emerged as a critical threat to operational technology (OT) and Internet of Things (IoT) systems, particularly targeting fuel-management infrastructure in the United States and Israel. First observed in December 2024, this Linux-based…
New Windows 0-Day Vulnerability Lets Remote Attackers Steal NTLM Credentials – Unofficial Patch
A critical vulnerability has been discovered affecting all Windows operating systems from Windows 7 and Server 2008 R2 through the latest Windows 11 v24H2 and Server 2025. This zero-day flaw enables attackers to capture users’ NTLM authentication credentials simply by having them view…
CISA Warns of Four Vulnerabilities and Exploits Surrounding ICS
The Cybersecurity and Infrastructure Security Agency (CISA) released four Industrial Control System (ICS) advisories on March 25, 2025, detailing significant vulnerabilities in products from ABB, Rockwell Automation, and Inaba Denki Sangyo. These vulnerabilities, with CVSS v4 scores ranging from 5.1…
Appsmith Developer Tool Vulnerability Lets Attackers Execute Remote Code
Security researchers have uncovered multiple critical vulnerabilities in Appsmith, a popular open-source developer platform for building internal applications. Most concerning is CVE-2024-55963, which allows unauthenticated attackers to execute arbitrary system commands on servers running default installations of Appsmith versions 1.20…
Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild
Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered a zero-day vulnerability being actively exploited by sophisticated threat actors. The vulnerability, identified as CVE-2025-2783, allowed attackers to bypass Chrome’s sandbox protection through…
Hackers Exploit Windows MMC Zero-Day Vulnerability to Execute Malicious Code
A sophisticated campaign by Russian threat actors is exploiting a critical zero-day vulnerability in the Microsoft Management Console (MMC). The vulnerability, CVE-2025-26633, allows attackers to bypass security features and execute malicious code on targeted systems. Trend Research identified the Russian hacking…
VMware Tools for Windows Vulnerability Lets Attackers Bypass Authentication
VMware addressed a significant authentication bypass vulnerability in its VMware Tools for Windows suite. The vulnerability, CVE-2025-22230, could allow malicious actors with non-administrative privileges on a Windows guest virtual machine to perform high-privilege operations within that VM. VMware has classified…
248,000 Mobile Users Infected by Banking Malware With Social Engineering Techniques
Mobile banking malware has seen an alarming surge in 2024, with nearly 248,000 users encountering these dangerous threats—a staggering 3.6 times increase compared to the 69,000 users affected in 2023. This dramatic uptick, particularly pronounced in the second half of…
Microsoft Unveils New Security Copilot Agents & Protections for AI
Microsoft has announced a significant expansion of its AI-powered security capabilities, introducing autonomous security agents and enhanced protections for artificial intelligence systems. The new offerings aim to address the exponential growth in cyberattacks, which now include more than 30 billion…
ARACNE – LLM-based Pentesting Agent To Execute Commands on Real Linux Shell Systems
Cybersecurity researchers have unveiled a new autonomous penetration testing agent that leverages large language models (LLMs) to execute commands on real Linux shell systems. ARACNE, as the agent is called, represents a significant advancement in automated security testing, demonstrating the…
Security Onion 24.10 Released – What’s New
Security Onion 2.4.140 has been officially released, featuring significant upgrades to core components including Suricata 7.0.9, Zeek 7.0.6, and a host of improvements to the Security Operations Center (SOC) configuration interface. This release focuses on enhancing security, fixing bugs, and…
Researchers Compared Malware Development in Rust vs C & C++ Languages
In recent years, malware authors have increasingly turned to emerging programming languages like Rust, Nim, and Go for their nefarious creations. This shift represents a tactical evolution as threat actors seek to bypass modern security solutions and complicate reverse engineering…
Microsoft Announces New Enhanced Protection Against AI & BYOD for Edge Business Users
Microsoft has unveiled significant new data protection capabilities for its Edge for Business browser, specifically targeting the challenges posed by Bring Your Own Device (BYOD) environments and the growing integration of AI in daily workflows. Announced on March 24, 2025,…
Multistage Info Stealer SnakeKeylogger Attacking Individuals and Businesses to Steal Logins
SnakeKeylogger has emerged as a sophisticated credential-stealing malware, targeting both individuals and organizations with its multi-stage infection chain and stealthy in-memory execution techniques. This malware is specifically designed to harvest sensitive login credentials while remaining undetected by traditional security measures,…
CAPE from Cuckoo v1 – Malware Sandbox to Execute Malicious Files in An Isolated Environment
In the ever-evolving landscape of cyber threats, security professionals need robust tools to analyze malicious software safely. CAPE (Config And Payload Extraction) has emerged as a powerful malware sandbox derived from Cuckoo v1, offering advanced capabilities for executing and analyzing…
NIST Struggling To Clear the Growing Backlog of CVEs in the Official National Vulnerability Database
As of March 2025, the National Institute of Standards and Technology (NIST) continues to face mounting challenges in processing the ever-growing backlog of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD). Despite previous efforts to clear the…
New Malware Attacking Android Users Abusing Cross-Platform Framework For Evasion
Cybercriminals have developed sophisticated malware campaigns targeting Android users by exploiting .NET MAUI, a cross-platform development framework, to evade traditional security measures. These threats disguise themselves as legitimate banking and social networking applications to harvest sensitive information from unsuspecting users.…
FBI Warns of File Converter Tools Used to Deploy Ransomware
The Federal Bureau of Investigation’s Denver Field Office has issued an urgent alert regarding a sophisticated cybersecurity threat that has been increasingly targeting individuals and organizations across the United States. Threat actors are now deploying malicious software disguised as free…
Best MDR (Managed Detection & Response) Solutions in 2025
The best Managed Detection and Response (MDR) solutions are designed to enhance an organization’s cybersecurity posture by providing comprehensive threat detection and response capabilities. These solutions typically combine advanced technologies with expert security teams to monitor and respond to threats…
Linux Kernel 6.14 Officially Released – What’s New
Linus Torvalds has officially announced the release of Linux kernel 6.14, the latest stable version of the open-source operating system kernel. Originally expected on Sunday, the release was pushed to Monday due to what Torvalds humorously described as “pure incompetence.” …
New Phishing Attack Using Browser-In-The-Browser Technique To Attack Gamers
A sophisticated new phishing campaign has emerged targeting the gaming community, specifically Counter-Strike 2 players, using an advanced technique known as Browser-in-the-Browser (BitB). This attack method creates a convincing fake browser pop-up window that tricks users into entering their Steam…
Ingress NGINX Remote Code Execution Vulnerability Lets Attackers Take Over Cluster
Researchers have uncovered a series of critical security vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively dubbed “IngressNightmare.” These flaws could allow unauthenticated attackers to execute remote code and gain complete control over vulnerable Kubernetes clusters. Ingress NGINX Remote…
Rilide Malware as Browser Extension Attacking Chrome & Edge Users to Steal Login Credentials
A sophisticated malware strain dubbed “Rilide” has emerged as a significant threat to Chrome and Edge browser users, operating as a deceptive browser extension designed to harvest login credentials. Security researchers have discovered this malware in active campaigns targeting corporate…
Developers Beware! Fake Coding Challenges Will Deploy FogDoor on Your System
A sophisticated malware campaign targeting software developers has emerged, leveraging fake coding challenges to infiltrate systems with a stealthy backdoor dubbed FogDoor. First identified in March 2025, this threat specifically targets Polish-speaking developers and job seekers through socially engineered GitHub…
Hackers Using Fake Semrush Ads to Steal Google Accounts Login Credentials
A sophisticated phishing campaign targeting Google account credentials through fake Semrush advertisements has emerged, posing a significant threat to digital marketers and SEO professionals. Cybercriminals have deployed numerous malicious advertisements that appear legitimate in Google search results, leveraging Semrush’s growing…
New Linux Kernel Rust Module Unveiled to Detect Rootkits
A groundbreaking security tool has emerged in the ongoing battle against sophisticated Linux malware. A new Rust-based kernel module designed specifically for detecting rootkits has been released, offering enhanced capabilities to identify these particularly elusive threats. The module represents a…
Hackers Could Drop Teams Malware via Browser’s Cache Smuggling
A novel attack vector combining browser cache exploitation and DLL proxying has emerged as a significant threat to organizations using Microsoft Teams and OneDrive. Dubbed Browser Cache Smuggling, this technique allows attackers to bypass traditional security defenses by leveraging browsers’ caching…
Operation Red Card – 300+ Cyber Criminals Arrested, Linked to Multiple Hacking Activities
INTERPOL led a multi-national law enforcement operation dubbed “Operation Red Card,” which has resulted in the arrest of over 300 suspected cyber criminals. Operation Red Card, conducted from November 2024 to February 2025, targeted cross-border criminal syndicates responsible for mobile…
Pocket Card Users Under Attack Via Sophisticated Phishing Campaign
A highly targeted phishing campaign is currently exploiting Pocket Card users through elaborately crafted emails that appear to originate from the legitimate financial service provider. The campaign, active since early March 2025, has already compromised an estimated 3,000 accounts, resulting…
Cloudflare Unveils AI Labyrinth a New Approach to Exhaust AI Crawlers and Other Bots
Cloudflare has launched AI Labyrinth, an innovative tool designed to combat unauthorized web-scraping bots by redirecting them into an endless maze of AI-generated content. Introduced on March 19, 2025, this free, opt-in feature marks a significant shift in bot mitigation…
WordPress Plugin Vulnerability Exposes 200k+ Sites to Code Execution Attacks
A critical vulnerability has been found in WP Ghost, a popular WordPress security plugin with over 200,000 active installations. The high-severity flaw, tracked as CVE-2025-26909 with a CVSS score of 9.6, allows unauthenticated attackers to exploit a Local File Inclusion (LFI) vulnerability that…
WordPress Plug-in Vulnerability Let Hackers Inject Malicious SQL Queries
A critical vulnerability has been found in GamiPress, a popular WordPress plugin used for gamification and rewards systems on websites. The high-impact flaw, categorized as CVE-2024-13496 with a CVSS 3.1 score of 7.5, allowed unauthenticated attackers to inject malicious SQL queries that could…
FCC Conducting Investigation into Chinese Entities Placed on the Government’s Prohibited List
The Federal Communications Commission (FCC) has launched a sweeping investigation into nine Chinese technology and telecommunications companies that were previously placed on its Covered List, aiming to determine if these firms are evading U.S. restrictions. FCC Chairman Brendan Carr announced…
Clio – Real-Time Logging Tool With Locking, User Authentication, and Audit Trails
Clio has emerged as a revolutionary real-time logging solution in the evolving landscape of cybersecurity tools, developed by cybersecurity engineers at CyberLock Technologies. Launched in January 2025, this sophisticated tool addresses critical gaps in traditional logging frameworks by providing comprehensive…
Critical Chrome Vulnerability Let Attackers Execute Arbitrary Code
Google has confirmed a critical security flaw in Chrome that affects billions of users across Windows, Mac, Linux, and Android platforms. The vulnerability, which could allow attackers to execute arbitrary code through specially crafted web pages, prompted an urgent update…
CleanStack – A Dual-Stack for Defending Against Memory Corruption Attacks
Memory corruption vulnerabilities remain a persistent threat to software systems, particularly those built using low-level languages like C/C++. These vulnerabilities can lead to devastating attacks, allowing malicious actors to execute arbitrary code or manipulate critical program data. Traditional protection mechanisms…
Millions of Internet-Connected Weight Machines Via API Endpoints
The fitness technology landscape has undergone a dramatic transformation. Millions of weight machines worldwide now connect to the internet through standardized API endpoints, creating an unprecedented ecosystem of smart fitness equipment. Industry analysts project this market will exceed $8 billion…
Four Faces of Hacker Group Behind 90 Data Breaches Worldwide Revealed
A lone cybercriminal masquerading as a hacker group has been unmasked as the entity behind more than 90 data breaches worldwide over a four-year period. The individual, who operated under four distinct aliases, ALTDOS, DESORDEN, GHOSTR, and Omid16B, targeted companies…
Chinese Web Shell Whisperer Using Web Shells & Tunnels To Establish Persistence
A sophisticated threat actor dubbed “Weaver Ant” (the Web Shell Whisperer) has emerged from China, deploying advanced web shell payloads across critical infrastructure sectors worldwide. This persistent campaign, active since late 2024, targets vulnerable web applications and content management systems in…
Critical Next.js Middleware Vulnerability Let Attackers Gain Unauthorized Access
A critical security vulnerability (CVE-2025-29927) has been discovered in Next.js that allows attackers to completely bypass middleware-based security controls by manipulating the x-middleware-subrequest header. This critical flaw affects authentication flows, authorization controls, path rewriting, and security header implementations across multiple…
New Browser-Based RDP for Secure Remote Windows Server Access
Cloudflare has unveiled a clientless, browser-based Remote Desktop Protocol (RDP) solution, expanding its Zero Trust Network Access (ZTNA) capabilities for secure Windows server access. This new offering, which follows the October 2024 release of short-lived SSH access, eliminates the need…