A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. The infrastructure, which security researchers have attributed to the RedGolf threat group (overlapping…
Category: Cyber Security News
Securing the Digital Transformation Journey – What CISOs Must Consider
Digital transformation is no longer a buzzword; it is a strategic imperative for organizations seeking to stay competitive in an ever-evolving landscape. As businesses embrace cloud computing, artificial intelligence, IoT, and remote work, the attack surface expands exponentially. This evolution…
How Generative AI is Changing Red Team Tactics
The rapid evolution of generative AI has fundamentally transformed the landscape of cybersecurity, especially in the context of red teaming. Traditionally, red teams have focused on simulating adversarial attacks to uncover vulnerabilities in networks, software, and infrastructure. However, the unpredictable…
Fortinet Ends SSL-VPN Support From 7.6.3 Onwards!
Fortinet has announced the complete removal of SSL VPN tunnel mode functionality in the upcoming FortiOS 7.6.3 release. This change, affecting all FortiGate models regardless of size, marks the culmination of Fortinet’s gradual phase-out of SSL VPN that began with…
How to Build a Security Champions Program Within Your Organization
In today’s hyper-connected world, cybersecurity is no longer the sole responsibility of a dedicated security team. As organizations scale and technology becomes increasingly integrated into every aspect of business, the risks and attack surfaces multiply. Yet, security teams are often…
How to Use Passive DNS To Trace Hackers' Command And Control Infrastructure
Passive DNS has emerged as a critical tool for cybersecurity professionals seeking to identify and track malicious command and control (C2) infrastructure. By creating a historical record of DNS activities, security teams can follow the digital breadcrumbs left by threat…
6,000,000+ Installed Chrome Extensions Can Execute Remote Commands on User’s Browser
A major security incident has come to light involving more than six million installations of Chrome browser extensions that secretly execute remote commands, track user activity, and potentially expose sensitive information. John Tuckner of Secure Annex has identified at least…
Beware! Android Spyware ‘SpyMax’ Gains Total Control of Your Android Phone
A sophisticated Android spyware campaign has been uncovered, disguising itself as the official application of the Chinese Prosecutor’s Office (检察院). This advanced variant of the SpyMax/SpyNote family targets Chinese-speaking users across mainland China and Hong Kong, exploiting Android Accessibility Services…
Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry
On April 16, 2025, millions of users worldwide found themselves unable to access Zoom, the widely used video conferencing platform, due to a critical outage that lasted nearly two hours. The disruption, which began at 11:25 AM PDT and was…
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root access. The vulnerability, assigned a CVSS score of 7.8, uncovered by…
How Security Analysts Use Memory Forensics Tools To Enhance Advanced Incident Response
Memory forensics has become an indispensable component of modern incident response strategies, enabling security teams to detect and analyze sophisticated threats that would otherwise remain hidden. Unlike traditional disk forensics, memory analysis provides insights into running processes, network connections, and…
How To Use YARA Rules To Identify Financial Sector Targeted Attacks
The financial sector faces increasingly sophisticated cyber threats, with system intrusion remaining the leading attack pattern for the third consecutive year. Advanced Persistent Threat (APT) groups specifically target financial institutions using various tools, techniques, and procedures. YARA rules provide a…
Web Server Hardening Best Practices For Organizations Across Industries
Web server hardening is a critical security process that reduces an organization’s attack surface and helps defend against ransomware, malware, and other cyberthreats. In today’s threat landscape, web servers are prime targets for attackers as they often serve as the…
U.S. DOGE Allegedly Hacked – Fed Whistleblower Leaked Most Disturbing Documents
A federal whistleblower, Daniel Berulis, a senior DevSecOps architect, has allegedly sent an affidavit describing a significant U.S. DOGE data breach at the National Labor Relations Board (NLRB), claiming that personnel from the Department of Government Efficiency (DOGE) accessed…
New XorDDoS Malware Allows Attackers to Create Sophisticated DDoS Bot Network
A significant evolution in distributed denial-of-service (DDoS) malware has been detected, with the latest version of XorDDoS continuing to spread globally between November 2023 and February 2025. This Linux-targeting trojan transforms compromised machines into “zombie bots” that can be coordinated…
CISA Warns of Multiple Apple 0-day Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple Apple 0-day vulnerabilities currently being actively exploited in targeted attacks. These critical security flaws affect a wide range of Apple products, including iOS, iPadOS, macOS, and…
PoC Exploit Released for Erlang/OTP SSH Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Erlang/OTP’s SSH implementation has security teams scrambling to patch affected systems after researchers confirmed the development of a proof-of-concept exploit. The vulnerability, tracked as CVE-2025-32433 and assigned the maximum possible CVSS score of…
17,000+ Fortinet Devices Compromised in Massive Hack via Symbolic Link Exploit
17,000+ Fortinet devices worldwide have been compromised in a sophisticated cyberattack that leverages a symbolic link persistence technique, according to new findings from Shadowserver. The number of affected devices has climbed from an initial report of 14,000 to 17,000, with…
CrazyHunter Hacker Group Using Open-Source Tools from GitHub to Attack Organizations
A sophisticated ransomware group known as CrazyHunter has emerged as a significant threat to organizations, particularly those in Taiwan’s critical infrastructure sectors. This newly identified threat actor has been conducting targeted attacks against healthcare facilities, educational institutions, and industrial organizations…
Microsoft Vulnerabilities Hit Record High With 1,300+ Reported in 2024
Microsoft’s security landscape faced unprecedented challenges in 2024, with vulnerability reports soaring to an all-time high of 1,360 identified security flaws across the company’s product ecosystem. This alarming figure represents the highest number recorded since systematic tracking began, highlighting the…