At present, many computers are connected via numerous networks. Monitoring all traffic and having something to filter out good and harmful traffic is critical, and we achieve this with an application or service known as a firewall. Early firewalls were…
Category: Cyber Security News
Top 10 Best EDR Solutions (Endpoint Detection & Response) In 2025
Endpoint Detection and Response (EDR) solutions have become crucial for organizations to protect their devices and data from cyber threats. As of 2025, several top EDR solutions stand out in the market. CrowdStrike Falcon Insight XDR is widely recognized for…
Hacker Claims Sale of 6 Million Records Stolen from Oracle Cloud Servers
A threat actor named “rose87168” claimed to have stolen six million records from Oracle Cloud servers. The stolen data reportedly includes Java Key Store (JKS) files, encrypted Single Sign-On (SSO) passwords, hashed Lightweight Directory Access Protocol (LDAP) passwords, key files,…
VMware Vulnerabilities Exploited Actively to Bypass Security Controls & Deploy Ransomware
A surge of ransomware attacks leveraging critical VMware virtualization vulnerabilities has triggered global alerts. Threat actors exploit flaws in ESXi, Workstation, and Fusion products to paralyze enterprise infrastructures. The vulnerabilities CVE-2025-22224 (CVSS 9.3), CVE-2025-22225 (CVSS 8.2), and CVE-2025-22226 (CVSS 7.1)…
Russian 0-Day Seller Offering Record Breaking $4,000,000 for Full Chain Telegram Exploits
A Russian exploit brokerage firm, Operation Zero, has publicly announced bounties of up to $4 million for zero-day vulnerabilities in Telegram, signaling heightened state-sponsored interest in compromising the popular messaging app. The company, which exclusively serves the Russian government and…
Attackers Using Weaponized CAPTCHA’s to Execute PowerShell Commands & Install Malware
A growing attack trend since the second half of 2024 involves threat actors using fake CAPTCHA challenges to trick users into executing malicious PowerShell commands and infecting their systems with dangerous malware. These sophisticated social engineering tactics leverage users’ familiarity…
Researchers Unboxed FIN7’s Stealthy Python-based Anubis Backdoor
Cybersecurity experts have identified a sophisticated new backdoor tool developed by the notorious financial cybercrime group FIN7. The Python-based malware, dubbed “Anubis Backdoor,” represents an evolution in the group’s tactics, techniques, and procedures (TTPs) that have historically caused billions in…
JumpServer Vulnerabilities Let Attacker Bypass Authentication & Gain Complete Control
A series of critical vulnerabilities discovered in JumpServer, an open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has raised significant security concerns. JumpServer serves as a bastion host to internal networks, offering a centralized point for accessing internal resources…
Researchers Details macOS Vulnerability That Exposes System Passwords
Recent revelations about a critical vulnerability affecting macOS systems have raised significant concerns among cybersecurity professionals and users alike. The flaw, which potentially exposes sensitive system passwords, has been thoroughly analyzed and documented in a newly released report. This vulnerability…
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers
A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds, demonstrating how blacklist-based…
Over 150 US Government Database Servers Exposed to the Internet – New Report
Over 150 government database servers normally hidden behind layers of security are now directly exposed to the Internet, leaving Americans’ data vulnerable to cyberattacks. A groundbreaking open-source investigation has revealed what experts describe as “one of history’s largest exposures of…
Beware of Fake Meta Email’s From Hackers That Steal Your Ad Account Login’s
A dangerous new phishing campaign targeting businesses that use Meta platforms for advertising has been discovered. The scam begins with users receiving an urgent email claiming “YOUR ADS ARE TEMPORARILY SUSPENDED” due to alleged violations of Instagram’s Advertising Policies and…
Hackers Are Actively Exploiting Apache Tomcat Servers – Patch Now!
Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers. The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…
Albabat Ransomware Attacking Windows, Linux & macOS by Leveraging GitHub
A new cross-platform threat has emerged in the ransomware landscape as researchers uncover new versions of Albabat ransomware targeting Windows, Linux, and macOS systems simultaneously. The ransomware operators have implemented a sophisticated approach to manage their operations through GitHub repositories,…
UAT-5918 Hackers Exploiting Exposed Web and Application Servers N-Day Vulnerabilities
A sophisticated threat actor tracked as UAT-5918 has been observed actively exploiting known vulnerabilities in web and application servers that remain unpatched across multiple organizations. The campaign, which began in early 2025, primarily targets infrastructures running outdated versions of Apache,…
Hackers Are Actively Exploiting Apache Tomcat Servers Exploiting – Patch Now
Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers. The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…
Cloudflare to Close All HTTP Ports for APIs, Enforces HTTPS Connection
Cloudflare announced today that it has closed all HTTP ports on api.cloudflare.com, taking a significant step toward eliminating the security risks associated with cleartext HTTP traffic. The change, effective immediately, prevents sensitive information such as API tokens from being transmitted…
Hellcat Ransomware Group Hacked Ascom Technical Ticketing System
Swiss telecommunications solutions provider Ascom has fallen victim to a cyberattack by the notorious Hellcat ransomware group, which compromised the company’s technical ticketing system on March 16, 2025. The attack represents the latest in a global hacking spree targeting Jira…
Infosys Agrees to $17.5 Million Settlement Following 2023 Data Breach
Indian technology giant Infosys Limited has agreed to pay $17.5 million to settle six class action lawsuits from a significant data breach at its U.S. subsidiary, Infosys McCamish Systems LLC (McCamish). The settlement, announced on March 14, 2025, resolves allegations…
MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR
MEDUSA ransomware operation has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems. This dangerous capability allows the ransomware to operate undetected, significantly increasing the threat to organizations’ security infrastructure. The ABYSSWORKER…