A sophisticated phishing campaign is leveraging virtual hard disk (.vhd) files to distribute the dangerous VenomRAT malware. The attack begins with purchase order-themed emails containing archive attachments that, when extracted, reveal hard disk image files designed to evade traditional security…
Tag: Cyber Security News
CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert highlighting a significant vulnerability in Fortinet’s FortiOS and FortiProxy systems, which threat actors are actively exploiting. The authentication bypass vulnerability, tracked as CVE-2025-24472, has been added to…
8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups
A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373, allows attackers to execute hidden malicious commands on victims’ machines by leveraging specially crafted Windows…
New ClearFake Variant Leverages Fake reCAPTCHA To Trick Users Into Running Malicious PowerShell Code
ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone significant developments, incorporating more advanced deception techniques to deliver malware…
Hackers Employ DLL Side-Loading To Deliver Malicious Python Code
A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls by exploiting the way legitimate applications search for and load…
Bybit Hack – Sophisticated Multi-Stage Attack Details Revealed
Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers intervened and manipulated the transaction, ultimately siphoning over 400,000 ETH…
Squid Werewolf Mimics Recruiters, Attacking Job Seekers To Exfiltrate Personal Data
A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The attackers send phishing emails disguised as job opportunities from legitimate industrial organizations, attaching malicious files…
Cloudflare to Implement Post-Quantum Cryptography to Defend Attacks from Quantum Computers
Cloudflare has announced the first phase of end-to-end quantum readiness for its Zero Trust platform, enabling organizations to protect their corporate network traffic against future quantum computer threats. The initiative, which builds on Cloudflare’s research into post-quantum cryptography since 2017,…
New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users
A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email spoofing, this attack leverages Microsoft’s…
331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security
Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. These apps, which have accumulated over 60 million downloads, exploit vulnerabilities in Android 13 to bypass security restrictions and carry…
Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Session Data
Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware has been observed in targeted attacks against financial institutions, government…
DocSwap Malware Posing as a Security Document Viewer Attacks Android Users Worldwide
A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to trick users into installing what appears to be a productivity…
ChatGPT Vulnerability Actively Exploited From 10,000+ IPs to Attack US Government Organizations
Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become a significant threat despite its medium severity classification. According to research by cybersecurity firm Veriti, this vulnerability has already been…
Google Parent Alphabet in Talks to Acquire Cyber Security Group Wiz for $30bn
Google’s parent company, Alphabet Inc., is reportedly in advanced negotiations to acquire cybersecurity startup Wiz for approximately $30 billion. If completed, this acquisition would become the tech giant’s largest deal in its history, far surpassing its previous record of $12.5…
GIMP 3.0 Image Editor Released For Linux, macOS, Unix, and Windows
At long last, the first release of GIMP 3.0 is here! This is the end result of seven years of rigorous development by volunteer developers, designers, artists, and community members (for reference, GIMP 2.10 was first published in 2018). With…
New BitM Attack Lets Hackers Steal User Sessions Within Seconds
A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user sessions in mere seconds. This method exploits web browser functionalities to hijack authenticated sessions, posing a significant threat to organizations…
PoC Exploit Released for Use-after-free Linux Kernel Vulnerability
Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability in the Linux kernel that has remained undetected for seven years. The vulnerability, which affects the TCP subsystem, could potentially allow attackers to execute remote…
Denmark Warns of Serious Cyber Attacks Targeting Telecommunication Sector
The Danish Agency for Social Security (CFCS) has issued an updated threat assessment warning of severe cyber threats targeting the nation’s telecommunications sector, signaling a heightened alert level for state-sponsored espionage. The report, which supersedes the 2022 version, underscores an…
Red Team Tool Cobalt Strike 4.11 Released With Out-of-the-Box Evasion Options
Cobalt Strike has released version 4.11 with significant improvements to its evasion capabilities, making the popular red team tool more resilient against modern security solutions. The update introduces a novel Sleepmask, new process injection techniques, enhanced obfuscation options, and stealthier…
Crypto Exchange OKX Suspends Tool Used by North Korean Hackers to Steal Funds
Cryptocurrency exchange OKX has temporarily suspended its decentralized exchange (DEX) aggregator service following allegations that North Korea’s state-sponsored Lazarus Group exploited it to launder funds stolen from the recent Bybit hack. The suspension, announced on March 17, 2025, coincides with…
Google Released Open Source Version of OSV-Scanner Tool for Vulnerability Scanning
Google has officially launched OSV-Scanner V2.0.0, a major upgrade to its open-source vulnerability scanning tool. Released on March 17, 2025, this new version represents a significant evolution in helping developers identify and fix security vulnerabilities in their software dependencies. The…
Critical Apache Tomcat RCE Vulnerability Exploited Just 30 Hours After Public Exploit Release
Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers to take control of servers with a simple PUT request,…
23,000 GitHub Repositories Targeted In Supply Chain Attack
In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are calling one of the largest supply chain attacks to date. The attackers exploited vulnerabilities in the software development pipeline to…
Telegram CEO Returns to Dubai as French Investigation Continues
Pavel Durov, founder and CEO of Telegram, announced his return to Dubai on Monday following months of judicial supervision in France as investigations into alleged criminal activities on his messaging platform continue. Durov expressed relief at being back home and…
Kentico Xperience CMS Authentication Bypass Vulnerability Allows Attackers to Execute Arbitrary Code Remotely
Researchers discovered critical vulnerabilities in Kentico’s Xperience CMS that could allow attackers to completely compromise affected systems. The vulnerabilities, identified as WT-2025-0006, WT-2025-0007, and WT-2025-0011, can be chained together to achieve unauthenticated remote code execution on systems with common configurations.…
Beware of Free Word-to-PDF File Converters That Deliver Malware
The FBI has issued an urgent warning about the rising threat of malicious file conversion tools that are being used to spread malware across the United States. Cybercriminals are targeting users searching for free utilities to convert documents from one…
MassJacker Clipper Malware Attacking Users Installing Pirated Software
A newly discovered cryptojacking malware dubbed “MassJacker” is targeting users who download pirated software, replacing cryptocurrency wallet addresses to redirect funds to attackers. The malware acts as a clipboard hijacker, monitoring when users copy crypto wallet addresses and silently replacing…
Proactive Cybersecurity – Staying Ahead of Threats with a Preventive Approach
The old adage “Prevention is better than cure” has taken a new, more urgent meaning in the cybersecurity community. With 600 million cyber attacks per day, several companies have started investing heavily in proactive cybersecurity measures that encompass risk-based vulnerability…
ManageEngine Analytics Plus Vulnerability Allows User Account Takeover
A high-severity authentication vulnerability in ManageEngine Analytics Plus on-premise installations has been identified, potentially allowing malicious actors to gain unauthorized access to Active Directory (AD) authenticated user accounts. The vulnerability, tracked as CVE-2025-1724, affects all Windows builds prior to 6130…
Zoom Team Chat Decrypted to Uncover User Activities
In a significant development for digital forensics investigators, new research has revealed comprehensive methods to decrypt Zoom Team Chat databases, potentially exposing sensitive user communications and activities. As organizations worldwide continue to rely on Zoom for remote collaboration, these findings…
Wazuh Open Source SIEM Vulnerability Allows Malicious Code Execution Remotely
Cybersecurity researchers have disclosed a critical remote code execution vulnerability (CVE-2025-24016) affecting Wazuh, a widely-used open-source security information and event management (SIEM) platform. The vulnerability, which carries a severe CVSS score of 9.9, impacts versions 4.4.0 through 4.9.0 and allows…
Espressif Systems Vulnerabilities Let Attackers Execute Arbitrary Code
Security researchers have uncovered several critical vulnerabilities in Espressif Systems’ ESP-IDF framework that could allow attackers to execute arbitrary code on ESP32 devices via Bluetooth interfaces. The high-risk flaws, which affect ESP-IDF versions 5.0.7, 5.1.5, 5.2.3, and 5.3.1 (and likely…
Chinese Volt Typhoon Hackers Exploiting Cisco & Netgear Routers To Compromise Organizations
The Chinese state-sponsored hacking group known as Volt Typhoon has intensified its campaign targeting critical infrastructure across multiple countries through the exploitation of vulnerable Cisco and Netgear routers. This advanced persistent threat (APT) actor has been conducting widespread espionage and…
New C++ Based IIS Malware With Numerous Functionalities Mimics cmd.exe To Stay Undetected
Security researchers have uncovered a sophisticated malware strain targeting Microsoft’s Internet Information Services (IIS) web servers, leveraging C++ to deploy advanced evasion techniques and payload delivery mechanisms. The malware disguises its core processes as the legitimate Windows command-line utility cmd.exe…
Millions of RSA Keys Expose Serious Flaws That Can Be Exploited
A disturbing security vulnerability has been uncovered affecting RSA encryption keys used across the internet, with researchers discovering that approximately 1 in 172 certificates found online are susceptible to compromise through a mathematical attack. This widespread vulnerability primarily impacts Internet…
Researcher Criticizes Microsoft Over Video Requirement for Bug Reports
A well-known vulnerability analyst has publicly criticized the Microsoft Security Response Center (MSRC) for refusing to process a detailed bug report without a proof-of-concept (POC) video. The incident has sparked debate within the cybersecurity community about the necessity of video…
Apple Adds RCS End-to-End Encryption for Sending Text Messages Using iPhone
Apple has announced it will implement end-to-end encryption (E2EE) for Rich Communication Services (RCS) messaging on iPhones, significantly enhancing security for cross-platform communications between iOS and Android users. The announcement comes as the GSM Association (GSMA) releases its new RCS…
BlackLock Ransomware Hacked 40+ Organizations Within Two Months
BlackLock ransomware has emerged as one of the most notorious cybersecurity threats of 2025, compromising more than 40 organizations within just two months. The fast-rising ransomware group has targeted victims across multiple sectors, with construction, real estate, and technology industries…
Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials
Luxury automotive manufacturer Jaguar Land Rover (JLR) has become the latest victim of the rapidly emerging HELLCAT ransomware group, with sensitive internal documents and employee data now exposed on hacking forums. The attack bears the hallmarks of HELLCAT’s sophisticated tactics,…
Android Malware Mimics DeepSeek To Steal Users' Login Credentials
A sophisticated Android banking trojan known as OctoV2 has been discovered masquerading as the legitimate DeepSeek AI application. The malware campaign uses a deceptive phishing website that closely mimics the official DeepSeek platform, tricking users into downloading a malicious application…
Hackers Exploiting CSS to Evade Spam Filters & Track User Actions
Researchers have identified a concerning trend where threat actors are increasingly abusing Cascading Style Sheets (CSS) to bypass spam detection systems and covertly track user behaviours. Observed from the second half of 2024 through February 2025, these sophisticated techniques leverage…
Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code
Three significant vulnerabilities in Adobe Acrobat Reader were found, which might allow attackers to run arbitrary code or expose sensitive information. These vulnerabilities, discovered by Cisco Talos, affect multiple versions of the popular PDF software and pose significant security risks…
Researchers Hacked Into Commercial Trucks & Buses To Unlock Them Remotely
Cybersecurity experts have recently demonstrated how heavy-duty vehicles such as commercial trucks and buses can be remotely compromised, potentially giving attackers control over critical vehicle functions. These findings highlight significant vulnerabilities in the increasingly software-driven and interconnected nature of modern…
Hackers Exploiting TP-Link Vulnerability to Gain Root Access
Researchers have uncovered a critical vulnerability in TP-Link TL-WR845N routers that could allow attackers to gain complete control over affected devices. The flaw, identified as CVE-2024-57040 and assigned a CVSS score of 9.8 (Critical), exposes hardcoded root shell credentials stored…
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we provide you with the latest updates and essential insights from the rapidly changing field of cybersecurity. Staying informed is crucial in today’s fast-paced digital environment. Our goal is to provide you with…
RedCurl APT leveraging Active Directory Explorer & 7-Zip To Archive Exfiltrated Data
In a sophisticated cyber espionage campaign discovered in January 2025, the RedCurl APT group (also known as EarthKapre) has been observed targeting law firms and corporate organizations with a focus on corporate espionage. The threat actors employ a multi-stage attack…
100+ Auto Dealers Hacked With a ClickFix Webpage That Leads To SectopRAT Malware Installation
A sophisticated supply chain attack has compromised over 100 automotive dealerships across the country, exposing countless visitors to malware infection. The attack leveraged a shared video service specifically used by auto dealerships, injecting malicious code that redirected unsuspecting users to…
Critical Vulnerabilities In Delphi Code Lead To Memory Corruption
Researchers have uncovered serious memory corruption vulnerabilities in the Delphi programming language, challenging the widespread belief that Delphi provides inherent memory safety protections. These findings highlight significant security risks that could potentially lead to application crashes, data leaks, or even remote…
Hackers Attacking Exposed Jupyter Notebooks To Deliver Cryptominer
A novel cryptomining campaign has been identified that exploits misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The attack leverages exposed instances of Jupyter Notebook, an interactive application containing a Python IDE that is widely used by data scientists, to deploy…
DeepSeek R1 Jailbroken To Develop Malware, Such As A Keylogger And Ransomware
Cybersecurity researchers have discovered that DeepSeek R1, an open-source large language model, can be manipulated to create functioning malware despite built-in safeguards. The AI model, designed with reasoning capabilities, initially refuses to generate malicious code but can be circumvented through…
AWS SNS Abused To Exfiltrate Data & Launch Phishing Attacks
Amazon Web Services Simple Notification Service (AWS SNS) has emerged as a new vector for malicious actors to exfiltrate sensitive data and conduct phishing campaigns. This pub/sub messaging service, designed to enable application-to-person and application-to-application communications, is increasingly being exploited…
Top Cybersecurity Tools of 2025 To Manage Remote Device Threats
The rise of remote work has significantly increased the attack surface for cybercriminals, making robust cybersecurity tools more critical than ever. As organizations adapt to a world where employees operate from diverse locations, cyber threats targeting remote devices continue to…
New Context Compliance Attack Jailbreaks Most of the Major AI Models
A new, surprisingly simple method called Context Compliance Attack (CCA) has proven effective at bypassing safety guardrails in most leading AI systems. Unlike complex prompt engineering techniques that attempt to confuse AI systems with intricate word combinations, CCA exploits a…
Black Basta Ransomware Attacks Edge Network Devices With Automated Brute Force Attacks
A Russian-speaking actor using the Telegram handle @ExploitWhispers leaked internal chat logs of Black Basta Ransomware-as-a-Service (RaaS) members on February 11, 2025. These communications, spanning from September 2023 to September 2024, have provided security researchers with unprecedented insight into the…
Hackers Allegedly Selling 3.17 Million Records of Honda Cars India Customers
A hacker operating under the pseudonym “Empire” has allegedly listed a database containing 3,176,958 records from Honda Cars India Ltd for sale on a notorious cybercrime forum. The leaked data reportedly includes sensitive customer information such as names, aliases, addresses,…
Critical ruby-saml Vulnerabilities Let Attackers Bypass Authentication
Two critical authentication bypass vulnerabilities have been discovered in the ruby-saml library, potentially exposing numerous web applications to account takeover attacks. Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to…
Cisco Warns of IOS XR Software Vulnerability That Lets Attackers Trigger DoS Condition
Cisco has issued security advisories for multiple vulnerabilities affecting its IOS XR Software, with particular emphasis on a significant memory corruption vulnerability in the Border Gateway Protocol (BGP) confederation implementation. The vulnerability tracked as CVE-2025-20115, with a CVSS score of…
Microsoft Warns of Cyber Attack Mimicking Booking.com To Deliver Password-Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia, and Europe. This sophisticated attack specifically aims at individuals in…
Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers. The threat actors have been breaching IIS servers to deploy ASP-based web shells, which are subsequently used as first-stage Command and Control…
CISA Releases Thirteen Industrial Control Systems Advisories Focusing on Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors. These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating…
United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group. The extradition, which took place on March 13,…
New Campaign Attacking PyPI Users to Steal Sensitive Data Including Cloud Tokens
Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository. This latest attack vector involves several malicious packages disguised as time-related utilities, which are actually designed to steal sensitive…
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. Threat researchers are warning organizations about these highly targeted attacks designed to bypass traditional security controls and achieve account takeover…
Decrypting Linux/ESXi Akira Ransomware Files Without Paying the Ransom
A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXi variant of the Akira ransomware, enabling data recovery without paying the ransom demand. The breakthrough exploits a critical weakness in the ransomware’s encryption methodology. According to the researcher,…
SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware
Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, attributed to a newly identified threat actor tracked as “Mora_001,” culminated in the deployment of…
Top 10 Best Cyber Attack Simulation Tools – 2025
Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach and attack simulation (BAS) platforms to adversary emulation frameworks. Here are some of the top…
What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025
QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks. Quishing takes advantage of the recent high-use volume and increasing popularity of QR codes. These codes, which can…
Siemens SINAMICS S200 Bootloader Vulnerability Lets Attackers Compromise the Device
Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader. The vulnerability, tracked as CVE-2024-56336, has received the highest severity ratings, with a CVSS…
Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack
As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant. Microsoft Copilot, which launched in 2023, has rapidly become an essential productivity tool for many organizations, integrating…
86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket
A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity researcher Jeremiah Fowler identified an unprotected AWS S3 storage bucket containing approximately 108.8 GB of…
CISA Warns of Apple WebKit Out-of-Bounds Write Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, an out-of-bounds write issue, could allow attackers to execute unauthorized code on vulnerable devices. The…
CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in the Wild
CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or compartmentalization issue within the operating system’s kernel. This flaw could allow a local attacker with…
2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was included in the company’s March 2025 Patch Tuesday release. According to cybersecurity firm ESET, which…
Apache NiFi Vulnerability Lets Attackers Access MongoDB Usernames & Passwords
A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials. The vulnerability, tracked as CVE-2025-27017 (NIFI-14272), affects multiple versions of the Apache NiFi data processing system and could…
Bitdefender Warns of Multiple Vulnerabilities That Let Attackers Execute MITM Attacks
Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote code execution. The vulnerabilities, assigned CVE-2024-13872 and CVE-2024-13871, both received a CVSS score of 9.4,…
Mozilla Urging Users to Update Firefox, or Add-ons Will Stop Working
Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing the critical need to update their browsers before March 14, 2025, when a vital root certificate will expire. This expiration threatens to disable extensions, break DRM-protected content playback, and…
North Korean Hackers’ Android Malware on Google Play Steals SMS, Call Logs & Screenshots
A sophisticated new Android malware campaign linked to North Korean hackers has been discovered, posing a significant security threat that managed to infiltrate Google’s official Play Store. The spyware, dubbed “KoSpy,” targets Korean and English-speaking users by disguising itself as…
Tenda AC7 Router Vulnerability Lets Attackers Gain a Root Shell With a Malicious Payload
A severe vulnerability in Tenda AC7 Routers running firmware version V15.03.06.44 allows malicious actors to execute arbitrary code and gain root shell access. The flaw originates from a stack overflow vulnerability in the router’s formSetFirewallCfg function. Attackers can use a…
Meta Warns of FreeType Vulnerability Exploited in Wild to Execute Arbitrary Code
A critical vulnerability in the widely used FreeType font rendering library has been discovered and is reportedly being exploited in the wild, posing a serious security threat to millions of devices across multiple platforms. Security researchers have identified the flaw,…
Blind Eagle Attacking Organizations With Weaponized .url Files To Extract User Hash
The cybersecurity landscape has witnessed a concerning development as the threat actor group known as Blind Eagle (also tracked as APT-C-36) has launched a sophisticated campaign targeting organizations primarily in South America with a novel attack vector. The group, known…
Beware of North Korean Hackers' DocSwap Malware Disguised as a Security Document Viewer
A sophisticated malware campaign targeting mobile users in South Korea has been uncovered, with clear links to North Korean threat actors. The malicious application masquerades as a “Document Viewing Authentication App” (문서열람 인증 앱). This malicious app was identified through…
Fake CAPTCHA Malware Attacking Windows Users To Execute PowerShell Commands
A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…
Hackers Using JSPSpy Tool To Manage Malicious Webshell Infrastructure
Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…
GitLab Warns of Multiple Vulnerabilities That Let Attackers Log In as a Valid User
GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances. The company has urged all self-managed GitLab installations to immediately upgrade to versions…
Medusa Ransomware Hacked 300+ Organizations Worldwide Across a Variety of Critical Infrastructure Sectors
A highly sophisticated ransomware variant named Medusa has compromised over 300 organizations worldwide from critical infrastructure sectors. The attacks have targeted a wide array of industries including medical, education, legal, insurance, technology, and manufacturing sectors, demonstrating the threat actor’s broad…
New OBSCURE#BAT Manipulates System Processes & Registry Entries To Evade Detection
A sophisticated malware campaign, tracked as OBSCURE#BAT, has been identified using heavily obfuscated batch scripts to install stealthy rootkits, allowing attackers to maintain persistent access to compromised systems while avoiding detection. This campaign uses social engineering tactics and deceptive file…
Fortinet Addresses Multiple Vulnerabilities in FortiSandbox, FortiOS, & Other Products
Fortinet has released a comprehensive security update addressing numerous vulnerabilities across its product portfolio, with particularly significant issues identified in FortiSandbox, FortiOS, and several other enterprise security solutions. These vulnerabilities range from medium to high severity and could potentially allow…
China-Nexus Group Hacked Juniper Networks Routers and Implanted Backdoors
In a significant cybersecurity breach discovered in mid-2024, a sophisticated threat actor deployed custom backdoors on Juniper Networks’ Junos OS routers. The intrusion represents an alarming development in the targeting of critical network infrastructure by nation-state actors, with potential implications…
US Charges 12 Chinese Hackers For Hacking National Security Infrastructure
The United States Department of Justice unveiled charges against twelve Chinese nationals on March 5, 2025, accusing them of orchestrating a sophisticated global cyber espionage campaign targeting critical American infrastructure, government agencies, and dissidents. The indictments mark a significant escalation…
Cisco IOS XR Software Vulnerability Allows Attackers to Execute Commands as Root
Cisco has disclosed a high-severity privilege escalation vulnerability (CVE-2025-20138) in its IOS XR Software. This vulnerability enables authenticated local attackers to execute arbitrary commands as the root user on affected devices. The flaw, with a CVSS score of 8.8, impacts…
Multiple Zoom Client Vulnerabilities Expose Sensitive Data
Recent security disclosures reveal multiple high-severity vulnerabilities in Zoom’s client software, exposing millions of users to potential data breaches, privilege escalation, and unauthorized access. The most critical flaws, patched in Zoom’s March 11, 2025, security bulletin, include CVE-2025-27440 (heap-based buffer…
Tycoon2FA Phishkit Updates Tactics with PDF Lures & Redirects
Tycoon is back with a new phishing trick. The kit’s operators have updated their tactics, using PDF lures and redirect chains to steal credentials. Victims are tricked into clicking a fake company policy notice, leading them straight to a phishing…
MirrorFace APT Hackers Exploited Windows Sandbox & Visual Studio Code Using Custom Malware
The National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a security advisory regarding an Advanced Persistent Threat (APT) attack campaign targeting organizations in Japan. The campaign, attributed to a threat actor…
DCRat Malware Spread via YouTube Attacks Users to Steal Login Credentials
A new wave of cyberattacks utilizing the Dark Crystal RAT (DCRat) backdoor has been targeting users since early 2025 through YouTube distribution channels. Cybercriminals create or compromise YouTube accounts to upload videos advertising gaming cheats, cracks, and bots that appeal…
NVIDIA Riva Vulnerabilities Let Attackers Escalate Privileges
NVIDIA has issued a significant software update for its Riva speech AI platform, releasing version 2.19.0 to resolve two high-severity vulnerabilities (CVE-2025-23242 and CVE-2025-23243) involving improper access control mechanisms. The update, detailed in a March 10, 2025 security bulletin, impacts…
PHP XXE Injection Vulnerability Lets Attackers Read Config Files & Private Keys
Security researchers have uncovered a sophisticated XML External Entity (XXE) injection vulnerability in PHP applications that could allow attackers to access sensitive configuration files and private keys. The vulnerability, discovered by researcher Aleksandr Zhurnakov, affects PHP applications using certain libxml…
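The mechanism behind the teaser above is the same whatever the parser: an attacker-controlled document declares an external entity whose system identifier points at a file on the server, and a parser that resolves external entities copies that file's contents into the parsed output. The block below is an added example written for this page, not code from the researcher or from the PHP/libxml advisory, and it uses Python's standard-library SAX parser (which exposes the same resolve/do-not-resolve switch as libxml) rather than PHP so that it runs offline here. It writes a constructed "secret" file in a temporary directory, parses a hostile document with external entity resolution on and off, and shows a pre-parse DOCTYPE rejection as the defence-in-depth check you would add in front of any parser that must never see a DTD.

```python
"""XXE demonstrated with Python's stdlib SAX parser: one hostile document, two parser settings.

Added example. The secret file, its contents and the XML document are all constructed here.
"""
import io
import os
import re
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges

# Constructed stand-in for a config file or private key readable by the web server process.
SECRET_CONTENT = b"db_password=hunter2"


def write_secret() -> str:
    """Write the constructed secret to a fresh temp directory and return its absolute path."""
    path = os.path.join(tempfile.mkdtemp(prefix="xxe-demo-"), "app.conf")
    with open(path, "wb") as f:
        f.write(SECRET_CONTENT)
    return path


def hostile_document(secret_path: str) -> bytes:
    """Attacker-supplied XML: the internal DTD subset defines an entity that reads a local file."""
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE order [ <!ENTITY xxe SYSTEM "' + secret_path.encode() + b'"> ]>\n'
        b"<order><note>&xxe;</note></order>\n"
    )


class NoteCollector(ContentHandler):
    """Collects all character data; whatever the entity expands to lands here."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


def parse_note(xml_bytes: bytes, resolve_external_entities: bool) -> str:
    """Parse and return the text content. The single boolean is the difference between leaking and not."""
    parser = xml.sax.make_parser()
    # feature_external_ges: resolve external general entities (<!ENTITY x SYSTEM "...">).
    parser.setFeature(feature_external_ges, resolve_external_entities)
    handler = NoteCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(handler.chunks).strip()


DOCTYPE_RE = re.compile(rb"<!DOCTYPE")


def has_doctype(xml_bytes: bytes) -> bool:
    """Cheap pre-parse check: application XML that legitimately needs a DTD is rare."""
    return DOCTYPE_RE.search(xml_bytes) is not None


def safe_parse_note(xml_bytes: bytes) -> str:
    """Hardened entry point: refuse any DTD outright, and keep entity resolution disabled regardless."""
    if has_doctype(xml_bytes):
        raise ValueError("DOCTYPE declarations are not accepted")
    return parse_note(xml_bytes, resolve_external_entities=False)


if __name__ == "__main__":
    secret_path = write_secret()
    doc = hostile_document(secret_path)
    print("DOCTYPE present :", has_doctype(doc))
    print("resolving parser:", repr(parse_note(doc, True)))   # file contents leak into <note>
    print("hardened parser :", repr(parse_note(doc, False)))  # entity expands to nothing
```

Note that the hardened path does two things, not one: the feature flag is what actually stops the file read, and the DOCTYPE rejection protects you when someone later swaps in a parser (or a parser version) with a different default.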
Critical Windows Remote Desktop Services Vulnerability Lets Attackers Execute Malicious Code
Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability…
CISA Warns of Windows NTFS Vulnerability Actively Exploited to Access Sensitive Data
The Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alert by adding six actively exploited Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, four of which directly affect the New Technology File System (NTFS). These flaws, CVE-2025-24984, CVE-2025-24991, CVE-2025-24993,…
New Fully Undetected Anubis Malware Lets Hackers Execute Remote Commands
A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while evading detection by most antivirus solutions. Developed by the notorious threat group Savage Ladybug (also known as FIN7), this malware…
Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Accounts
Researchers have recently detected a disturbing trend of sophisticated attacks specifically designed to evade multi-factor authentication (MFA) protections. These advanced techniques, which exploit weaknesses in authentication workflows rather than in the authentication factors themselves, have enabled attackers to gain unauthorized access…