Category: Cyber Security News

The cybersecurity world witnessed an unprecedented breach on May 7, 2025 when an anonymous threat actor known as “xoxo from Prague” successfully infiltrated LockBit’s administrative panel, replacing their Tor website with the message “Don’t do crime CRIME IS BAD xoxo…

Read more →

Cybersecurity researchers have achieved a significant breakthrough in automated vulnerability detection by successfully leveraging Claude AI to identify zero-day exploits in .NET assemblies. This innovative approach combines artificial intelligence with reverse engineering techniques to discover previously unknown security flaws in…

Read more →

A sophisticated cybercriminal enterprise known as VexTrio has orchestrated one of the most extensive WordPress compromise campaigns ever documented, hijacking hundreds of thousands of websites globally to operate massive traffic distribution systems (TDS) that funnel victims into elaborate scam networks.…

Read more →

A security researcher has published a detailed analysis demonstrating how Kernel Address Space Layout Randomization (KASLR) protections can be circumvented on Windows 11 24H2 systems through exploitation of an HVCI-compatible driver with physical memory access capabilities. The research, published by…

Read more →

The National Institute of Standards and Technology (NIST) has published a new resource to aid organizations in implementing zero trust architectures (ZTAs), a cybersecurity approach that assumes no user or device is inherently trustworthy. The guidance, titled Implementing a Zero…

Read more →

Tenable, a prominent cybersecurity provider, has released version 10.8.5 of its Agent software to address three critical security vulnerabilities affecting Windows hosts running versions prior to 10.8.5. These flaws, identified as CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, could allow non-administrative users to…

Read more →

A sophisticated new variant of the AMOS macOS stealer has emerged, demonstrating unprecedented levels of technical sophistication in its distribution and obfuscation methods. The malware leverages GitHub repositories as distribution platforms, exploiting the platform’s legitimacy to bypass security measures and…

Read more →

The cryptocurrency and blockchain development ecosystem is facing an unprecedented surge in sophisticated malware campaigns targeting the open source supply chain. Over the past year, threat actors have significantly escalated their attacks against Web3 developers by publishing malicious packages to…

Read more →

Cross-strait tensions have escalated into a new domain as China and Taiwan engage in unprecedented mutual accusations of cyberwarfare targeting critical infrastructure systems. The diplomatic dispute has intensified following Taiwan President Lai Ching-te’s first year in office, during which both…

Read more →

The penetration testing community has received a significant upgrade with the release of Kali Linux 2025.2, marking another milestone in the evolution of this essential cybersecurity platform. This latest version introduces groundbreaking smartwatch capabilities, a completely redesigned menu system, and…

Read more →

Microsoft 365 users across Asia Pacific, Europe, the Middle East, and Africa are experiencing significant authentication disruptions that are preventing administrators from adding multifactor authentication (MFA) sign-in methods to user accounts. The service degradation, which began affecting users on Friday,…

Read more →

Despite sustained international pressure, sanctions, and public exposures over the past two years, the sophisticated Predator mobile spyware has demonstrated remarkable resilience, continuing to evolve and adapt its infrastructure to evade detection while maintaining operations across multiple continents. The mercenary…

Read more →

Cybersecurity researchers have identified a sophisticated new phishing campaign that exploits GitHub’s OAuth2 device authorization flow to compromise developer accounts and steal authentication tokens. This emerging threat represents a significant evolution in social engineering tactics, leveraging legitimate GitHub functionality to…

Read more →

A severe security vulnerability has been discovered in the Acer Control Center software, which could allow attackers to execute arbitrary code with system-level privileges.  The vulnerability, identified in the ACCSvc.exe process, involves misconfigured Windows Named Pipe permissions that enable unauthenticated…

Read more →

A sophisticated new attack method called “SmartAttack” that can breach supposedly secure air-gapped computer systems using smartwatches as covert data receivers.  The groundbreaking research demonstrates how attackers can exploit ultrasonic frequencies to exfiltrate sensitive information from isolated networks, challenging traditional…

Read more →

A critical spoofing vulnerability in Microsoft Defender for Identity (MDI) allows unauthenticated attackers to escalate privileges and gain unauthorized access to Active Directory environments.  The vulnerability, designated as CVE-2025-26685, exploits the Lateral Movement Paths (LMPs) feature in the MDI sensor,…

Read more →

A proof-of-concept exploit published for CVE-2025-21420, a newly discovered elevation of privilege vulnerability affecting the Windows Disk Cleanup Tool (cleanmgr.exe).  The vulnerability allows attackers to escalate privileges to SYSTEM level by exploiting improper link resolution mechanisms within the SilentCleanup scheduled…

Read more →

A critical vulnerability that allows attackers to bypass AI-powered content moderation systems using minimal text modifications.  The “TokenBreak” attack demonstrates how adding a single character to specific words can fool protective models while preserving the malicious intent for target systems,…

Read more →

A significant security vulnerability in HashiCorp Nomad workload orchestrator that allows attackers to escalate privileges by exploiting the Access Control List (ACL) policy lookup mechanism.  The vulnerability, tracked as CVE-2025-4922, affects both Community and Enterprise editions of Nomad across multiple…

Read more →

The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware…

Read more →

Cybersecurity researchers have uncovered a sophisticated ransomware campaign targeting utility billing software providers through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) systems. The attack represents a concerning evolution in ransomware tactics, where threat actors are leveraging trusted remote…

Read more →

The advanced Graphite mercenary spyware, developed by Paragon, targets journalists through a sophisticated zero-click vulnerability in Apple’s iOS. At least three European journalists have been confirmed as targets, with two cases forensically verified. The spyware exploited a zero-day vulnerability in iOS…

Read more →

A critical zero-day vulnerability in WebDAV implementations that enables remote code execution, with proof-of-concept exploit code now publicly available on GitHub.  The vulnerability, tracked as CVE-2025-33053, has reportedly been actively exploited by advanced persistent threat (APT) groups in targeted campaigns…

Read more →

Cybersecurity researchers have uncovered a sophisticated malware campaign that leveraged an advanced JavaScript obfuscation technique to compromise hundreds of legitimate websites and redirect unsuspecting visitors to malicious content. The campaign, which infected over 269,000 webpages between March and April 2025,…

Read more →

Two of the internet’s most critical infrastructure providers experienced significant service outages yesterday, disrupting millions of users worldwide as both Cloudflare and Google services suffered widespread failures within hours of each other. Cloudflare’s extensive service disruption began at approximately 18:19…

Read more →

The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns. DragonForce ransomware group launched in 2023…

Read more →

Cybersecurity firm Cloudflare has issued a stark warning about the escalating threat landscape facing independent media organizations worldwide, revealing that journalists and news outlets have become the primary targets of sophisticated distributed denial-of-service (DDoS) attacks. The company’s latest Project Galileo…

Read more →

Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to hijack expired invite links and redirect unsuspecting users to malicious servers hosting advanced malware campaigns. This emerging threat leverages the…

Read more →

A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user.  Designated as CVE-2025-4231, this medium-severity vulnerability affects multiple versions of the company’s firewall operating…

Read more →

A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately signed by trusted sources. The flaw, designated CVE-2025-47934, represents a fundamental breach of…

Read more →

Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand…

Read more →

Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company will roll out a new two-click verification feature for encrypted emails, requiring users to confirm their intent to access sensitive…

Read more →

SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure.  The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…

Read more →

A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…

Read more →

Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures.  The comprehensive patch, identified as KB5060842, was deployed on…

Read more →

A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…

Read more →

A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise entire development infrastructures. The company released emergency patch versions 18.0.2, 17.11.4, and 17.10.8…

Read more →

A comprehensive security investigation has revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that exposed authentication credentials and enabled attackers to impersonate legitimate users across enterprise environments. The vulnerabilities, which affect OneLogin’s widely-used identity and access management platform,…

Read more →

A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide.  The vulnerability, catalogued as CVE-2025-4230, enables authenticated administrators with command-line interface (CLI) access to execute arbitrary commands with…

Read more →

Threat actors are allegedly offering the complete source code of a sophisticated Malware-as-a-Service (MaaS) botnet for sale.  This advanced malicious framework represents a significant escalation in cybercriminal capabilities, leveraging legitimate enterprise-grade technologies and blockchain integration to create a highly resilient…

Read more →

Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code and escalate privileges on affected systems.  The company released emergency patches on June 9, 2025, to address five distinct vulnerabilities tracked under…

Read more →

A sophisticated account takeover campaign has emerged, exploiting a legitimate penetration testing framework to compromise Microsoft Entra ID environments across hundreds of organizations worldwide. The malicious activity, which began intensifying in December 2024, demonstrates how cybercriminals are increasingly weaponizing security…

Read more →

Cybersecurity researchers have identified a sophisticated new campaign where threat actors are leveraging Windows batch files to deliver the notorious Quasar Remote Access Trojan (RAT). This attack vector represents a concerning evolution in malware distribution tactics, as attackers continue to…

Read more →

A critical zero-day vulnerability affecting Windows systems that allows attackers to achieve privilege escalation through a novel Reflective Kerberos Relay Attack.  The vulnerability, designated CVE-2025-33073, was patched by Microsoft on June 10, 2025, as part of their monthly Patch Tuesday…

Read more →

A significant coordinated attack campaign targeting Apache Tomcat Manager interfaces, with threat actors leveraging approximately 400 unique IP addresses in a concentrated attack that peaked on June 5, 2025.  The attack represents a substantial increase in malicious activity, with observed…

Read more →

A sophisticated new threat platform, Nytheon AI, has emerged, which combines multiple uncensored large language models (LLMs) built specifically for malicious activities. The platform, discovered by Cato CTRL, is being actively promoted on popular hacking forums, including XSS and various…

Read more →

CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks.  This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and…

Read more →

A critical zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak,” enables attackers to automatically exfiltrate sensitive organizational data without requiring any user interaction. The vulnerability represents a significant breakthrough in AI security research, introducing a new class of attack called…

Read more →

Phishing attacks aren’t what they used to be. Hackers no longer rely on crude misspellings or sketchy email addresses. Instead, they use clever tricks to dodge detection tools and fool even cautious users.   Let’s break down three evasion techniques that…

Read more →

Secure code review represents a critical security practice that systematically examines software source code to identify and remediate security vulnerabilities before they reach production environments. This comprehensive examination serves as a proactive defense mechanism, enabling development teams to detect security…

Read more →

A critical security vulnerability in the Windows Common Log File System Driver (CLFS) enables attackers to escalate their privileges to SYSTEM level access.  The vulnerability, tracked as CVE-2025-32713, was released on June 10, 2025, and affects multiple Windows operating systems…

Read more →

A sophisticated wave of Linux malware campaigns is targeting cloud environments with increasing frequency and complexity, posing significant threats to modern infrastructure security. The emergence of specialized Executable and Linkable Format (ELF) binaries designed specifically for cloud exploitation represents a…

Read more →

A sophisticated cybercrime campaign has emerged where threat actors are exploiting the trust inherent in professional recruitment processes, transforming routine job applications into sophisticated malware delivery mechanisms. The FIN6 cybercrime group, also known as Skeleton Spider, has developed an elaborate…

Read more →

A significant security vulnerability in Windows Task Scheduler could allow attackers to escalate their privileges to SYSTEM level access without requiring initial administrative rights.  Designated as CVE-2025-33067, this elevation of privilege vulnerability affects multiple versions of Windows operating systems and…

Read more →

The OWASP Top 10 2021 represents the most critical web application security risks facing organizations today, with significant shifts reflecting the evolving threat landscape. Broken Access Control has risen to the top position, affecting 94% of tested applications. At the…

Read more →

A recent cybersecurity investigation has uncovered a staggering reality: over 40,000 internet-connected security cameras are streaming live footage openly across the web without any password protection or security measures. These devices, originally designed to enhance security and provide peace of…

Read more →

Threat intelligence represents a paradigm shift from reactive to proactive cybersecurity, providing organizations with actionable insights to detect, prevent, and respond to cyber threats more effectively. By leveraging structured data about current and emerging threats, security teams can make informed…

Read more →

This comprehensive technical guide presents a systematic approach to developing and implementing a robust cybersecurity incident response plan, incorporating industry-standard frameworks, automation tools, and practical code examples. The guide combines theoretical foundations from NIST SP 800-61 and SANS methodologies with…

Read more →

A high-severity security vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Private 5G Core platform that could allow unauthorized actors to access and download sensitive system files.  The vulnerability, tracked as CVE-2025-37100 affects critical infrastructure components used by enterprises for…

Read more →

Microsoft announced significant security enhancements for Outlook Web and the New Outlook for Windows, introducing new restrictions on file attachments commonly exploited by cybercriminals. Starting in early July 2025, the technology giant will block two specific file types that have…

Read more →

Advanced Persistent Threats (APTs) represent one of the most sophisticated and dangerous categories of cyberattacks currently facing organizations. Unlike conventional cyberattacks that aim for immediate impact, APTs are characterized by their stealth, persistence, and long-term objectives, often involving state-sponsored actors…

Read more →

Insider threats represent one of the most challenging cybersecurity risks facing modern organizations, with research indicating that insider data leaks typically involve five times more files and records than breaches conducted by external threat actors. This comprehensive technical guide offers…

Read more →

The proliferation of microservices architecture has fundamentally transformed how organizations build and deploy applications, offering unprecedented scalability and agility. However, this distributed approach introduces complex security challenges that traditional monolithic security models cannot adequately address. Unlike centralized security in monolithic…

Read more →

Microsoft is set to revolutionize enterprise security monitoring with comprehensive audit logging capabilities for screen sharing and control features in Microsoft Teams, rolling out in July 2025. Microsoft announced a significant enhancement to its enterprise security toolkit with the introduction…

Read more →

Microsoft has announced the introduction of two powerful new data tables to its Defender XDR advanced hunting capabilities, marking a significant enhancement to the platform’s threat detection and investigation capabilities. The CampaignInfo and FileMaliciousContentInfo tables will provide security operations center…

Read more →

Microsoft has announced a significant productivity enhancement coming to Microsoft 365 that will allow users to open core collaboration applications in separate windows, marking a major step forward in workspace customization and multitasking capabilities. The new feature, identified under Microsoft…

Read more →

A critical security vulnerability in Windows Remote Desktop Services, designated as CVE-2025-32710, which allows unauthorized attackers to execute arbitrary code remotely without authentication.  Released on June 10, 2025, this vulnerability affects multiple Windows Server versions and carries a CVSS score…

Read more →

A critical security flaw in Salesforce OmniStudio has been discovered that allows unauthorized access to sensitive customer information stored in plain text format, potentially affecting thousands of organizations worldwide. The vulnerability exploits inadequate data encryption protocols within the platform’s digital…

Read more →

Mozilla has released Firefox 139.0.4 to address critical security vulnerabilities that could potentially cause browser crashes and compromise user security.  These high-impact vulnerabilities CVE-2025-49709 and CVE-2025-49710 exploit fundamental components of Firefox’s graphics rendering system and JavaScript engine, respectively, posing risks…

Read more →

A significant security vulnerability in the Microsoft Outlook email client could allow attackers to execute arbitrary code remotely, even if they require local access to trigger the exploit.  The vulnerability, designated as CVE-2025-47176, was released on June 10, 2025, and…

Read more →

Google has released an important security update for Chrome Desktop, addressing two high-severity vulnerabilities that could enable attackers to execute malicious code remotely on users’ systems. The Stable channel has been updated to version 137.0.7151.103/.104 for Windows and Mac, and…

Read more →

A comprehensive new cybersecurity assessment has revealed that internet connectivity poses the most significant threat to industrial control systems (ICS) worldwide, with malicious activities targeting critical infrastructure through web-based attack vectors reaching unprecedented levels. The latest quarterly threat landscape report…

Read more →

A sophisticated Python-based malware campaign has emerged targeting Instagram users desperate for social media growth, disguising itself as a legitimate follower-boosting tool while secretly harvesting login credentials. The malicious PyPI package, identified as “imad213,” presents itself professionally on GitHub with…

Read more →

Modern cybersecurity threats have evolved beyond traditional perimeter defenses, necessitating the adoption of proactive hunting methodologies that anticipate breach scenarios. This comprehensive guide explores advanced threat hunting strategies, technical frameworks, and practical implementation approaches that enable security professionals to identify…

Read more →

Microsoft has rolled out the June 2025 Patch Tuesday update for Windows 11, version 24H2, with the release of KB5060842 (OS Build 26100.4349). This security-focused update addresses critical vulnerabilities and includes enhancements from the previous preview update, KB5058499, released on…

Read more →

Microsoft has rolled out a new cumulative update, KB5060999, for Windows 11 versions 22H2 and 23H2, targeting Enterprise, Education, and all editions. This update, impacting OS Builds 22621.5472 and 22631.5472, focuses primarily on bolstering security for the Windows operating system.…

Read more →

Decentralized applications (DApps) have revolutionized blockchain technology by enabling trustless, transparent operations across various industries. However, with over $6 billion lost to security breaches in 2024 alone, protecting these applications has become paramount for developers and organizations. This comprehensive guide…

Read more →

A sophisticated cyberattack campaign by the advanced persistent threat group, Stealth Falcon, which exploited a previously unknown zero-day vulnerability to target a major Turkish defense company and execute malware remotely. The attack leveraged CVE-2025-33053, a remote code execution vulnerability that…

Read more →

Fortinet has released security updates addressing multiple vulnerabilities across its product portfolio, including FortiOS, FortiAnalyzer, FortiProxy, and FortiWeb systems. The cybersecurity company’s Product Security Incident Response Team (PSIRT) published advisories covering flaws ranging from privilege escalation to command injection vulnerabilities…

Read more →

Microsoft has confirmed that a critical zero-day vulnerability in its Web Distributed Authoring and Versioning (WebDAV) implementation is being actively exploited by attackers in the wild, prompting an urgent security update as part of June 2025’s Patch Tuesday. The vulnerability,…

Read more →

Cybercriminals are intensifying their exploitation of ConnectWise ScreenConnect, a legitimate remote monitoring and management (RMM) tool, to deploy sophisticated malware campaigns targeting global financial organizations. This alarming trend represents a significant evolution in threat actor tactics, as attackers leverage digitally…

Read more →

India’s Central Bureau of Investigation successfully dismantled a sophisticated transnational cybercriminal network that impersonated Microsoft technical support services, targeting vulnerable older adults primarily in Japan. The coordinated operation on May 28, 2025, involved raids across 19 locations throughout India, resulting…

Read more →

Kubernetes has become the de facto standard for container orchestration, but its complex architecture introduces numerous security challenges that organizations must address proactively. Securing a Kubernetes cluster requires a multi-layered approach encompassing control plane protection, robust authentication mechanisms, network segmentation,…

Read more →

Microsoft has released its monthly Patch Tuesday updates, addressing a total of 66 vulnerabilities in its product suite. This release includes a remediation for one zero-day vulnerability that is currently being actively exploited, as well as another vulnerability that has…

Read more →

A sophisticated cyberattack campaign by the advanced persistent threat group, Stealth Falcon, which exploited a previously unknown zero-day vulnerability to target a major Turkish defense company and execute malware remotely. The attack leveraged CVE-2025-33053, a remote code execution vulnerability that…

Read more →

Modern phishing attacks have evolved far beyond simple deceptive emails, now incorporating AI-generated content, deepfake impersonation, and sophisticated social engineering techniques that bypass traditional security measures. Organizations face an unprecedented challenge as cybercriminals leverage artificial intelligence to create compelling phishing…

Read more →

Fortinet has disclosed a new security vulnerability affecting its FortiOS SSL-VPN web-mode that allows authenticated users to gain unauthorized access to complete SSL-VPN configuration settings through specially crafted URLs. The vulnerability, designated as CVE-2025-25250, was published today and affects multiple…

Read more →

Salesforce’s cloud platform Heroku is currently experiencing a widespread service disruption that has affected thousands of businesses around the globe. The outage, which began earlier today, has crippled critical platform services including authentication systems and deployment pipelines, leaving developers unable…

Read more →

In today’s dynamic threat landscape, Threat Intelligence (TI) feeds have become a must-have for Security Operations Centers (SOCs). Whether free or paid, they offer vital insights helping teams identify threats, develop detection rules, enrich alerts, and accelerate incident response.   Threat intelligence feeds…

Read more →

A sophisticated new wave of phishing attacks is exploiting Microsoft SharePoint’s trusted platform to bypass traditional security measures, representing a significant evolution in cyberthreat tactics. These attacks leverage SharePoint’s inherent legitimacy within corporate environments to deceive users into believing they…

Read more →

SQL injection represents one of the most persistent and dangerous web application vulnerabilities, consistently ranking among the top security threats in the OWASP Top 10.  This comprehensive technical guide explores the mechanics of SQL injection attacks, demonstrates practical exploitation techniques,…

Read more →

Qpoint has released Qtap, an open-source eBPF agent for monitoring network traffic in Linux systems. It hooks into TLS/SSL functions to capture data before and after encryption, showing unencrypted traffic with details like process, container, host, user, and protocol. Qtap…

Read more →

Linux servers power much of our digital infrastructure, from corporate intranets to cloud services. Their security is paramount in today’s threat landscape. This comprehensive hardening guide provides concrete steps to secure your Linux servers against various attack vectors, complete with…

Read more →

A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass standard authorization checks and escalate their privileges within enterprise systems.  The vulnerability, tracked as CVE-2025-42989 and assigned a CVSS score…

Read more →

Fortinet, a leading provider of cybersecurity solutions, has recently addressed a significant security vulnerability, CVE-2023-42788, classified as an OS command injection issue under CWE-78. This vulnerability affects multiple products earlier including FortiManager, FortiAnalyzer, and today Fortinet confirmed that the vulnerability…

Read more →

Ivanti has issued urgent security updates for its Workspace Control platform after discovering three high-severity vulnerabilities that could allow attackers to decrypt stored SQL credentials. The company released patches addressing these security flaws, which affect versions 10.19.0.0 and earlier of…

Read more →

Active Directory (AD) serves as the backbone of enterprise authentication and authorization, making it a prime target for cybercriminals. According to Microsoft’s Digital Defense Report 2022, 98% of organizations hit by cyberattacks had no privilege isolation in Active Directory via…

Read more →

A significant data breach involving personal information from hundreds of Canva Creators program participants, exposed through an unsecured AI chatbot database operated by a Russian company.  The incident highlights emerging security vulnerabilities in the rapidly expanding artificial intelligence supply chain.…

Read more →

A critical security vulnerability has been discovered in ISPConfig version 3.2 build 12p1 that allows authenticated remote users to escalate their privileges to superadmin status and subsequently execute arbitrary PHP code on affected systems.  The vulnerability, identified by an independent…

Read more →

The cybersecurity landscape continues to face persistent threats from sophisticated Advanced Persistent Threat (APT) groups, with one particularly active campaign drawing significant attention from security researchers. The Librarian Ghouls APT group, also operating under the aliases “Rare Werewolf” and “Rezet,”…

Read more →