A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calendar invitations to deliver credential phishing campaigns, malware payloads, and zero-day exploits. Over…
Category: Cyber Security News
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected devices. The vulnerability, tracked as CVE-2025-12686 and identified by ZDI-CAN-28275, carries a critical…
WatchGuard Firebox Firewall Vulnerability Let Attackers Gain Unauthorized SSH Access
A critical vulnerability in WatchGuard Firebox firewalls could allow attackers to gain complete administrative access to the devices without any authentication. The flaw, tracked as CVE-2025-59396, stems from insecure default configurations that expose SSH access on port 4118 using hardcoded…
65% of Leading AI Companies Exposes Verified Secrets Including Keys and Tokens on GitHub
A new security investigation reveals that 65% of prominent AI companies have leaked verified secrets on GitHub, exposing API keys, tokens, and sensitive credentials that could compromise their operations and intellectual property. The wiz research, which examined 50 leading AI…
Zoom Vulnerabilities Let Attackers Bypass Access Controls to Access Session Data
Zoom has issued multiple security bulletins detailing patches for several vulnerabilities affecting its Workplace applications. The disclosures, published today, highlight two high-severity issues alongside medium-rated flaws, underscoring the ongoing challenges in securing video conferencing tools used by millions in hybrid…
Hackers Exploiting Triofox 0-Day Vulnerability to Execute Malicious Payload Abusing Anti-Virus Feature
Google Mandiant has disclosed active exploitation of CVE-2025-12480, a critical unauthenticated access vulnerability in Gladinet’s Triofox file-sharing platform. The threat cluster tracked as UNC6485 has been weaponizing this flaw since August 2025 to gain unauthorized administrative access and establish persistent remote control over…
SAP Security Update – Patch for Critical Vulnerabilities Allowing Code Execution and Injection Attacks
SAP released its monthly Security Patch Day updates, addressing 18 new security notes and providing two updates to existing ones, focusing on vulnerabilities that could enable remote code execution and various injection attacks across its product ecosystem. These patches are…
Threat Actors Leverage RMM Tools to Deploy Medusa & DragonForce Ransomware
A sophisticated wave of ransomware attacks targeting UK organizations has emerged in 2025, exploiting vulnerabilities in the widely-used SimpleHelp Remote Monitoring and Management platform. Two prominent ransomware groups, Medusa and DragonForce, have weaponized three critical vulnerabilities (CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728)…
CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in Attacks
CISA has added a critical zero-day vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities catalog. Warning that threat actors are actively exploiting the flaw in real-world attacks. The vulnerability, tracked as CVE-2025-21042, is an out-of-bounds write vulnerability in the…
Threat Actors Actively Hacking Websites to Inject Malicious Links and Boost their SEO
Cybercriminals are increasingly targeting websites to inject malicious links and boost their search engine optimization rankings through sophisticated blackhat SEO tactics. This campaign primarily focuses on online casino spam, which has become the most prevalent type of spam content affecting…
APT Groups Attacking Construction Industry Networks to Steal RDP, SSH and Citrix Logins
The construction industry has emerged as a lucrative target for advanced persistent threat groups and organized cybercriminal networks seeking unauthorized access to corporate systems. State-sponsored APT groups from China, Russia, Iran, and North Korea are increasingly focusing their operations on…
Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target List
In early November 2025, Knownsec, one of China’s largest cybersecurity firms with direct government ties, experienced a catastrophic data breach that exposed over 12,000 classified documents. The incident revealed the scale and sophistication of state-sponsored cyber operations, including detailed information…
OWASP Top 10 2025 – Revised Version Released With Two New Categories
The Open Web Application Security Project (OWASP) has unveiled the 2025 edition of its flagship OWASP Top 10 2025, marking the eighth installment and introducing significant updates to address evolving software security threats. Released on November 6, 2025, this revised…
LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization system. The flaw CVE-2025-64439 affects versions of langgraph-checkpoint before 3.0. It allows attackers to execute arbitrary Python code when untrusted data is deserialized. The vulnerability resides in…
Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution
A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks. The vulnerability, tracked as CVE-2025-12735, allows attackers to execute arbitrary system commands through maliciously…
New Report Warns of Threat Actors Actively Adopting AI Platforms to Attack Manufacturing Companies
The manufacturing sector faces an escalating threat landscape as cybercriminals increasingly exploit cloud-based platforms and artificial intelligence services to conduct sophisticated attacks. A comprehensive analysis by Netskope Threat Labs reveals that approximately 22 out of every 10,000 manufacturing users encounter…
Fired Intel Engineer Stolen 18,000 Files, Many of which Were Classified as “Top Secret”
Intel has filed a federal lawsuit against a former employee accused of downloading thousands of classified documents shortly after being terminated, raising serious concerns about corporate data security and insider threats. Jinfeng Luo, a software developer who has worked at…
10 Popular Black Friday Scams – How to Detect the Red Flags and Protect your wallet and Data
Black Friday 2025 represents the most dangerous shopping season in cybercrime history, with fraudsters leveraging artificial intelligence, deepfake technology, and sophisticated social engineering tactics to target millions of consumers globally. Recent cybersecurity research indicates that scam websites surged 89% year-over-year,…
Elastic Defend for Windows Vulnerability Let Attackers Escalate Privileges
Elastic has disclosed a significant security vulnerability in Elastic Defend for Windows that could allow attackers to escalate their privileges on affected systems. Tracked as CVE-2025-37735 and designated as ESA-2025-23, the flaw stems from improper permission preservation within the Defend…
Google’s Gemini Deep Research Tool Gains Access to Gmail, Chat, and Drive Data
Google has expanded its Gemini AI model’s Deep Research feature to pull data directly from users’ Gmail, Google Drive, and Google Chat accounts. Announced today, this update allows the tool to integrate personal emails, documents, spreadsheets, slides, PDFs, and chat…