Tag: Cyber Security News

A disturbing security vulnerability has been uncovered affecting RSA encryption keys used across the internet, with researchers discovering that approximately 1 in 172 certificates found online are susceptible to compromise through a mathematical attack. This widespread vulnerability primarily impacts Internet…

Read more →

A well-known vulnerability analyst has publicly criticized the Microsoft Security Response Center (MSRC) for refusing to process a detailed bug report without a proof-of-concept (POC) video. The incident has sparked debate within the cybersecurity community about the necessity of video…

Read more →

Apple has announced it will implement end-to-end encryption (E2EE) for Rich Communication Services (RCS) messaging on iPhones, significantly enhancing security for cross-platform communications between iOS and Android users.  The announcement comes as the GSM Association (GSMA) releases its new RCS…

Read more →

BlackLock ransomware has emerged as one of the most notorious cybersecurity threats of 2025, compromising more than 40 organizations within just two months. The fast-rising ransomware group has targeted victims across multiple sectors, with construction, real estate, and technology industries…

Read more →

Luxury automotive manufacturer Jaguar Land Rover (JLR) has become the latest victim of the rapidly emerging HELLCAT ransomware group, with sensitive internal documents and employee data now exposed on hacking forums.  The attack bears the hallmarks of HELLCAT’s sophisticated tactics,…

Read more →

A sophisticated Android banking trojan known as OctoV2 has been discovered masquerading as the legitimate DeepSeek AI application. The malware campaign uses a deceptive phishing website that closely mimics the official DeepSeek platform, tricking users into downloading a malicious application…

Read more →

Researchers have identified a concerning trend where threat actors are increasingly abusing Cascading Style Sheets (CSS) to bypass spam detection systems and covertly track user behaviours.  Observed from the second half of 2024 through February 2025, these sophisticated techniques leverage…

Read more →

Three significant vulnerabilities in Adobe Acrobat Reader were found, which might allow attackers to run arbitrary code or expose sensitive information. These vulnerabilities, discovered by Cisco Talos, affect multiple versions of the popular PDF software and pose significant security risks…

Read more →

Cybersecurity experts have recently demonstrated how heavy-duty vehicles such as commercial trucks and buses can be remotely compromised, potentially giving attackers control over critical vehicle functions. These findings highlight significant vulnerabilities in the increasingly software-driven and interconnected nature of modern…

Read more →

Researchers have uncovered a critical vulnerability in TP-Link TL-WR845N routers that could allow attackers to gain complete control over affected devices.  The flaw, identified as CVE-2024-57040 and assigned a CVSS score of 9.8 (Critical), exposes hardcoded root shell credentials stored…

Read more →

Welcome to this week’s Cybersecurity Newsletter, where we provide you with the latest updates and essential insights from the rapidly changing field of cybersecurity. Staying informed is crucial in today’s fast-paced digital environment. Our goal is to provide you with…

Read more →

In a sophisticated cyber espionage campaign discovered in January 2025, the RedCurl APT group (also known as EarthKapre) has been observed targeting law firms and corporate organizations with a focus on corporate espionage. The threat actors employ a multi-stage attack…

Read more →

A sophisticated supply chain attack has compromised over 100 automotive dealerships across the country, exposing countless visitors to malware infection. The attack leveraged a shared video service specifically used by auto dealerships, injecting malicious code that redirected unsuspecting users to…

Read more →

Researchers have uncovered serious memory corruption vulnerabilities in Delphi programming language, challenging the widespread belief that Delphi provides inherent memory safety protections. These findings highlight significant security risks that could potentially lead to application crashes, data leaks, or even remote…

Read more →

A novel cryptomining campaign has been identified that exploits misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The attack leverages exposed instances of Jupyter Notebook, an interactive application widely used by data scientists containing a Python IDE, to deploy…

Read more →

Cybersecurity researchers have discovered that DeepSeek R1, an open-source large language model, can be manipulated to create functioning malware despite built-in safeguards. The AI model, designed with reasoning capabilities, initially refuses to generate malicious code but can be circumvented through…

Read more →

Amazon Web Services Simple Notification Service (AWS SNS) has emerged as a new vector for malicious actors to exfiltrate sensitive data and conduct phishing campaigns. This pub/sub messaging service, designed to enable application-to-person and application-to-application communications, is increasingly being exploited…

Read more →

The rise of remote work has significantly increased the attack surface for cybercriminals, making robust cybersecurity tools more critical than ever. As organizations adapt to a world where employees operate from diverse locations, cyber threats targeting remote devices continue to…

Read more →

A new, surprisingly simple method called Context Compliance Attack (CCA) has proven effective at bypassing safety guardrails in most leading AI systems. Unlike complex prompt engineering techniques that attempt to confuse AI systems with intricate word combinations, CCA exploits a…

Read more →

A Russian-speaking actor using the Telegram handle @ExploitWhispers leaked internal chat logs of Black Basta Ransomware-as-a-Service (RaaS) members on February 11, 2025. These communications, spanning from September 2023 to September 2024, have provided security researchers with unprecedented insight into the…

Read more →

A hacker operating under the pseudonym “Empire” has allegedly listed a database containing 3,176,958 records from Honda Cars India Ltd for sale on a notorious cybercrime forum. The leaked data reportedly includes sensitive customer information such as names, aliases, addresses,…

Read more →

Two critical authentication bypass vulnerabilities have been discovered in the ruby-saml library, potentially exposing numerous web applications to account takeover attacks.  Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to…

Read more →

Cisco has issued security advisories for multiple vulnerabilities affecting its IOS XR Software, with particular emphasis on a significant memory corruption vulnerability in the Border Gateway Protocol (BGP) confederation implementation.  The vulnerability tracked as CVE-2025-20115, with a CVSS score of…

Read more →

Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia, and Europe. This sophisticated attack specifically aims at individuals in…

Read more →

Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers.  The threat actors have been breaching IIS servers to deploy ASP-based web shells, which are subsequently used as first-stage Command and Control…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors.  These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating…

Read more →

Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group.  The extradition, which took place on March 13,…

Read more →

Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository.  This latest attack vector involves several malicious packages disguised as time-related utilities, which are actually designed to steal sensitive…

Read more →

Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques.  Threat researchers are warning organizations about these highly targeted attacks designed to bypass traditional security controls and achieve account takeover…

Read more →

A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand.  The breakthrough exploits a critical weakness in the ransomware’s encryption methodology. According to the researcher,…

Read more →

Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, attributed to a newly identified threat actor tracked as “Mora_001,” culminated in the deployment of…

Read more →

Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach and attack simulation (BAS) platforms to adversary emulation frameworks. Here are some of the top…

Read more →

QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks.  Quishing takes advantage of the recent high-use volume and increasing popularity of QR codes. These codes, which can…

Read more →

Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader.  The vulnerability, tracked as CVE-2024-56336 and has received the highest severity ratings with a CVSS…

Read more →

As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant.  Microsoft Copilot, which launched in 2023, has rapidly become an essential productivity tool for many organizations, integrating…

Read more →

A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company.  Cybersecurity researcher Jeremiah Fowler identified an unprotected AWS S3 storage bucket containing approximately 108.8 GB of…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, an out-of-bounds write issue, could allow attackers to execute unauthorized code on vulnerable devices. The…

Read more →

CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or compartmentalization issue within the operating system’s kernel. This flaw could allow a local attacker with…

Read more →

Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years.  The vulnerability, tracked as CVE-2025-24983, was included in the company’s March 2025 Patch Tuesday release in March. According to cybersecurity firm ESET, which…

Read more →

A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials.  The vulnerability, tracked as CVE-2025-27017 (NIFI-14272), affects multiple versions of the Apache NiFi data processing system and could…

Read more →

Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote code execution.  The vulnerabilities, assigned CVE-2024-13872 and CVE-2024-13871, both received a CVSS score of 9.4,…

Read more →

Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing the critical need to update their browsers before March 14, 2025, when a vital root certificate will expire.  This expiration threatens to disable extensions, break DRM-protected content playback, and…

Read more →

A sophisticated new Android malware campaign linked to North Korean hackers has been discovered, posing a significant security threat that managed to infiltrate Google’s official Play Store. The spyware, dubbed “KoSpy,” targets Korean and English-speaking users by disguising itself as…

Read more →

A severe vulnerability in Tenda AC7 Routers running firmware version V15.03.06.44 allows malicious actors to execute arbitrary code and gain root shell access.  The flaw originates from a stack overflow vulnerability in the router’s formSetFirewallCfg function. Attackers can use a…

Read more →

A critical vulnerability in the widely used FreeType font rendering library has been discovered and is reportedly being exploited in the wild, posing a serious security threat to millions of devices across multiple platforms. Security researchers have identified the flaw,…

Read more →

The cybersecurity landscape has witnessed a concerning development as the threat actor group known as Blind Eagle (also tracked as APT-C-36) has launched a sophisticated campaign targeting organizations primarily in South America with a novel attack vector. The group, known…

Read more →

A sophisticated malware campaign targeting mobile users in South Korea has been uncovered, with clear links to North Korean threat actors. The malicious application, masquerading as a “Document Viewing Authentication App” (문서열람 인증 앱). This malicious app was identified through…

Read more →

A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…

Read more →

Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…

Read more →

GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances.  The company has urged all self-managed GitLab installations to immediately upgrade to versions…

Read more →

A highly sophisticated ransomware variant named Medusa has compromised over 300 organizations worldwide from critical infrastructure sectors. The attacks have targeted a wide array of industries including medical, education, legal, insurance, technology, and manufacturing sectors, demonstrating the threat actor’s broad…

Read more →

A sophisticated malware campaign, tracked as OBSCURE#BAT, has been identified using heavily obfuscated batch scripts to install stealthy rootkits, allowing attackers to maintain persistent access to compromised systems while avoiding detection. This campaign uses social engineering tactics and deceptive file…

Read more →

Fortinet has released a comprehensive security update addressing numerous vulnerabilities across its product portfolio, with particularly significant issues identified in FortiSandbox, FortiOS, and several other enterprise security solutions.  These vulnerabilities range from medium to high severity and could potentially allow…

Read more →

In a significant cybersecurity breach discovered in mid-2024, a sophisticated threat actor deployed custom backdoors on Juniper Networks’ Junos OS routers. The intrusion represents an alarming development in the targeting of critical network infrastructure by nation-state actors, with potential implications…

Read more →

The United States Department of Justice unveiled charges against twelve Chinese nationals on March 5, 2025, accusing them of orchestrating a sophisticated global cyber espionage campaign targeting critical American infrastructure, government agencies, and dissidents.  The indictments mark a significant escalation…

Read more →

Cisco has disclosed a high-severity privilege escalation vulnerability (CVE-2025-20138) in its IOS XR Software. This vulnerability enables authenticated local attackers to execute arbitrary commands as the root user on affected devices. The flaw, with a CVSS score of 8.8, impacts…

Read more →

Recent security disclosures reveal multiple high-severity vulnerabilities in Zoom’s client software, exposing millions of users to potential data breaches, privilege escalation, and unauthorized access.  The most critical flaws, patched in Zoom’s March 11, 2025, security bulletin, include CVE-2025-27440 (heap-based buffer…

Read more →

Tycoon is back with a new phishing trick! The threat group has updated its tactics, using PDF lures and clever redirects to steal credentials. Victims are tricked into clicking a fake company policy notice, leading them straight to a phishing…

Read more →

The National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a security advisory regarding an Advanced Persistent Threat (APT) attack campaign targeting organizations in Japan. The campaign, attributed to a threat actor…

Read more →

A new wave of cyberattacks utilizing the Dark Crystal RAT (DCRat) backdoor has been targeting users since early 2025 through YouTube distribution channels. Cybercriminals create or compromise YouTube accounts to upload videos advertising gaming cheats, cracks, and bots that appeal…

Read more →

NVIDIA has issued a significant software update for its Riva speech AI platform, releasing version 2.19.0 to resolve two high-severity vulnerabilities (CVE-2025-23242 and CVE-2025-23243) involving improper access control mechanisms.  The update, detailed in a March 10, 2025 security bulletin, impacts…

Read more →

Security researchers have uncovered a sophisticated XML External Entity (XXE) injection vulnerability in PHP applications that could allow attackers to access sensitive configuration files and private keys. The vulnerability, discovered by researcher Aleksandr Zhurnakov, affects PHP applications using certain libxml…

Read more →

Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alert, by adding six critical Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, with four directly impacting the New Technology File System (NTFS).  These flaws CVE-2025-24984, CVE-2025-24991, CVE-2025-24993,…

Read more →

A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while completely evading detection by most antivirus solutions. Developed by the notorious threat group Savage Ladybug (also known as FIN7), this malware…

Read more →

A disturbing trend of sophisticated attacks recently detected by researchers specifically designed to evade multi-factor authentication (MFA) protections. These advanced techniques, which exploit vulnerabilities in authentication workflows rather than the authentication factors themselves, have enabled attackers to gain unauthorized access…

Read more →

Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects and executes when developers build these projects. This is the first known XCSSET variant since 2022, featuring enhanced obfuscation methods, updated…

Read more →

A threat actor operating under the alias “Rey” has allegedly compromised the internal systems of Jaguar Land Rover (JLR), one of the United Kingdom’s most prominent automotive manufacturers, and leaked approximately 700 internal documents containing sensitive technical and operational data. …

Read more →

A critical security flaw in Apache Camel’s header validation mechanism allows attackers to execute arbitrary system commands by exploiting case-sensitive header injection.  A POC released for CVE-2025-27636, this vulnerability impacts Apache Camel versions 4.10.0-4.10.1, 4.8.0-4.8.4, and 3.10.0-3.22.3, exposing systems using…

Read more →

Google has issued an urgent advisory to owners of Chromecast 2nd Generation (2015) and Chromecast Audio devices, warning against factory resets as a global outage linked to an expired security certificate renders these devices inoperable.  The company confirmed that it…

Read more →

A sophisticated malware campaign leveraging artificial intelligence to create deceptive GitHub repositories has been observed distributing SmartLoader payloads that ultimately deploy Lumma Stealer, a dangerous information-stealing malware.  This operation exploits GitHub’s trusted reputation to bypass security defenses, targeting users seeking…

Read more →

Japanese telecommunications conglomerate NTT Communications (NTT Com) disclosed this week that threat actors infiltrated its internal systems in February, compromising sensitive data belonging to 17,891 corporate clients globally.  The breach, detected on February 5, marks the latest in a series…

Read more →

A critical security vulnerability (CVE-2024-56325) in Apache Pinot, the open-source distributed OLAP datastore used by LinkedIn, Uber, and Microsoft for real-time analytics, allows unauthenticated attackers to bypass authentication controls and gain full system access.  Rated 9.8 on the CVSS v3…

Read more →

A newly identified botnet, tracked as Eleven11bot, has compromised approximately 30,000 internet-connected devices—primarily security cameras and network video recorders (NVRs)—to launch distributed denial-of-service (DDoS) attacks against critical infrastructure.  Discovered by Nokia Deepfield’s Emergency Response Team (ERT) on February 26, 2025,…

Read more →

A critical vulnerability in SolarWinds’ Web Help Desk software (CVE-2024-28989) allowed attackers to decrypt sensitive credentials, including database passwords and LDAP/SMTP authentication secrets, through cryptographic weaknesses in its AES-GCM implementation.  Patched in version 12.8.5, the flaw stemmed from predictable encryption…

Read more →

Microsoft’s March 2025 Patch Tuesday addresses 57 vulnerabilities, including six zero-day vulnerabilities that are currently being exploited. The security update includes fixes for Windows, Microsoft Office, Azure, and other components. The March update included fixes for: In addition to the…

Read more →

SIM swap attacks have emerged as a growing cybersecurity threat, with security researchers documenting a 38% increase in successful attacks during the first quarter of 2025. These sophisticated attacks involve criminals convincing mobile carriers to transfer a victim’s phone number…

Read more →

A series of ongoing, targeted cyber campaigns by Blind Eagle (APT-C-36), one of Latin America’s most dangerous threat actors primarily targeting Colombia’s justice system, government institutions, and private organizations were recently unveiled by Check Point Research (CPR). The group has…

Read more →

Artificial intelligence has emerged as a formidable weapon in the cybercriminal arsenal, enabling attacks with unprecedented precision, speed, and scale. Security experts warn that cybercriminals are increasingly leveraging automated AI systems to penetrate networks, steal data, and deploy intelligent viruses…

Read more →

Mandiant researchers, part of Google’s cybersecurity division, have uncovered several critical security bugs in Microsoft’s Time Travel Debugging (TTD) framework. The findings reveal significant instruction emulation inaccuracies that could potentially compromise security analyses and incident response investigations, leading analysts to…

Read more →

In a rapidly evolving digital landscape where cyber threats emerge daily, ANY.RUN is empowering Security Operations Centers (SOCs) worldwide with its cutting-edge Threat Intelligence (TI) Feeds. These continuously updated streams of Indicators of Compromise (IOCs) are designed to help organizations…

Read more →

Multiple critical vulnerabilities in ICONICS SCADA systems were uncovered recently by the researchers from Palo Alto Networks’ Unit 42, widely deployed across government, military, manufacturing, and utility sectors. The security flaws, discovered in ICONICS Suite versions 10.97.2 and 10.97.3 for…

Read more →

A sophisticated new ransomware strain dubbed “Ebyte” targeting Windows systems across North America and Europe. The ransomware has compromised thousands of systems since its detection three weeks ago, utilizing advanced encryption tactics that have challenged security experts. Initial infection vectors…

Read more →

A large-scale malware campaign targeting Android users through fraudulent Google Play Store download pages has been uncovered recently by CTM360. The sophisticated operation, which they’ve named ‘PlayPraetor,’ has infected thousands of devices across South-East Asia, particularly targeting financial institutions and…

Read more →

FortiGuard Labs has recently uncovered more than 5,000 malicious software packages designed to compromise Windows systems. These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data…

Read more →

Cybersecurity researchers have identified intensified activity from the SideWinder APT group throughout 2024, with significant updates to their toolset and expanded targeting beyond traditional military and government entities. Recent findings reveal that SideWinder has developed a massive new infrastructure to…

Read more →

The historical vulnerability of NULL pointer dereferences in macOS that previously allowed attackers to execute arbitrary code with kernel privileges has been unveiled recently by security analysts. Despite modern systems having robust mitigations, understanding these historical attack vectors provides valuable…

Read more →

A critical security vulnerability in Apache Tomcat (CVE-2025-24813) has exposed servers to remote code execution (RCE), information disclosure, and data corruption risks.  The flaw, rooted in improper handling of partial HTTP PUT requests, affects Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1…

Read more →

The Linux kernel has taken a significant step toward improved security with the growing adoption of Rust programming language components aimed at eliminating memory safety bugs. The Rust for Linux project has reached a critical tipping point, with multiple drivers…

Read more →

A critical security flaw in Veritas’ Arctera InfoScale product line has exposed enterprise systems to remote code execution (RCE) attacks, underscoring persistent risks in disaster recovery infrastructure.  Tracked as CVE-2025-27816, the vulnerability (CVSS v3.1 score: 9.8) resides in the Windows…

Read more →

A critical Android vulnerability identified as CVE-2024-31317 has been discovered that allows attackers to execute arbitrary code with system privileges. The “Zygote Injection” vulnerability affects devices running Android 11 or older and enables attackers to escalate privileges from a shell…

Read more →

A sophisticated malware toolkit known as Ragnar Loader has been identified as a critical component in targeted ransomware attacks. The loader, also known as Sardonic Backdoor, serves as the primary infiltration mechanism for the Monstrous Mantis ransomware group, formerly known…

Read more →

A sophisticated cybercriminal group known as EncryptHub has successfully compromised approximately 600 organizations through a multi-stage malware campaign. The threat actor exploited operational security mistakes, inadvertently exposing critical elements of their infrastructure, which allowed researchers to map their tactics with…

Read more →

Google has rolled out a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could enable arbitrary code execution and sandbox escapes.  The Stable Channel Update 134.0.6998.88/.89 for Windows and Mac, and 134.0.6998.88 for Linux, released on…

Read more →

Passwordless authentication tools are revolutionizing digital security by eliminating the reliance on traditional passwords. Instead, they use advanced technologies such as biometrics (fingerprints, facial recognition), hardware tokens, or one-time passcodes to verify user identities. This approach significantly enhances security by…

Read more →

CISA has likely added two VeraCore vulnerabilities, CVE-2024-57968 and CVE-2025-25181, to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation by the XE Group. These vulnerabilities impact VeraCore, a warehouse management software by Advantive, critical for supply chains in…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) updated its KEV catalog on March 10, 2025, to include three newly identified vulnerabilities in Ivanti Endpoint Manager (EPM), a widely used enterprise software for managing endpoints. The KEV catalog tracks vulnerabilities actively…

Read more →

Security researchers have identified a sophisticated attack campaign attributed to APT37, a North Korean state-sponsored hacking group also known as ScarCruft, Reaper, and Red Eyes. The group, active since 2012, has expanded its targets from South Korea to include Japan,…

Read more →

A security researcher known as newp1ayer48 has successfully demonstrated a method to extract firmware from IoT and embedded devices using direct Flash Memory dumps, providing valuable insights for security professionals and bug bounty hunters. The technique, while potentially risky for…

Read more →

Apple has taken another step toward the official release of iOS 18.4 by seeding the third developer beta of the update to testers late on March 10, 2025. This latest beta, identified by build number 22E5222f, arrives just one week…

Read more →