Category: Cyber Security News

Security researcher David Kennedy unveiled a novel attack technique known as “BYOTB” (Bring Your Own Trusted Binary) in a recent presentation at BSides London 2024, which leverages trusted binaries to bypass security measures and evade detection. This approach exploits the…

Read more →

Reverse engineering has long been a challenging yet essential process for cybersecurity professionals, software analysts, and researchers.  With the introduction of GhidrAssist, a cutting-edge plugin for the popular reverse engineering platform Ghidra, the process becomes significantly more streamlined and efficient. …

Read more →

A significant vulnerability has been identified in GitHub Enterprise Servers, allowing attackers to bypass SAML authentication and log in as other user accounts. This exploit leverages quirks in the libxml2 library, specifically related to XML entities, to deceive the verification…

Read more →

A recently disclosed vulnerability in AnyDesk, a popular remote desktop software, identified as CVE-2024-12754, enables local attackers to exploit the handling of Windows background images to gain unauthorized access to sensitive system files.  This could potentially escalate their privileges to…

Read more →

Hackers have been exploiting Google Tag Manager (GTM) to steal sensitive credit card information from eCommerce sites, particularly those built on the Magento platform. This sophisticated attack shows the evolving tactics of cybercriminals in leveraging legitimate tools for malicious purposes.…

Read more →

Linus Torvalds announced the release of Linux Kernel 6.14-rc2, the second release candidate in the 6.14 series. The release follows the usual weekly schedule and comes as a relatively small update, consistent with the overall size of the 6.14 kernel.…

Read more →

A critical security vulnerability has been discovered in the popular online game Marvel Rivals, raising alarms about the potential for hackers to exploit unsuspecting players. The exploit, identified as a Remote Code Execution (RCE) vulnerability, allows attackers on the same…

Read more →

A global brute force attack campaign leveraging 2.8 million IP addresses actively targets edge security devices, including VPNs, firewalls, and gateways from vendors such as Palo Alto Networks, Ivanti, and SonicWall. The attack, first detected in January 2025, has been…

Read more →

Welcome to this week’s Cybersecurity Newsletter, which provides the latest updates and key insights from the ever-evolving field of cybersecurity. In the current fast-paced digital landscape, it is essential to remain informed. Our objective is to deliver the most pertinent…

Read more →

Unified Threat Management (UTM) firewall is a comprehensive cybersecurity solution that integrates multiple security functions into a single platform or appliance. It is designed to simplify security management, reduce costs, and provide robust protection against a variety of cyber threats. UTM solutions are especially popular among…

Read more →

A widespread campaign targeting Microsoft Internet Information Services (IIS) servers to deploy the BadIIS malware, a tool used for search engine optimization (SEO) fraud and malicious content injection.  The campaign, attributed to the Chinese-speaking hacking group DragonRank, has affected over…

Read more →

The CISA has issued a warning regarding a critical remote code execution (RCE) vulnerability affecting Trimble Cityworks, a popular software solution for local government and public works asset management. The vulnerability, identified as CVE-2025-0994, allows an external actor to exploit…

Read more →

Hewlett Packard Enterprise (HPE) has disclosed a significant data breach involving its Office 365 email environment, attributed to the Russian state-sponsored hacking group known as Midnight Blizzard, also referred to as Cozy Bear or APT29. The breach, which began in…

Read more →

Meta Platforms, Inc. is facing serious allegations in a copyright infringement lawsuit, with plaintiffs claiming the tech giant used 81.7 terabytes of pirated books from shadow libraries to train its Llama AI models. The lawsuit, filed in the U.S. District…

Read more →

In recent weeks, ShadowServer has observed a significant rise in brute-force attacks targeting web login pages of edge devices, with honeypot data revealing up to 2.8 million IPs involved daily.  These attacks, primarily originating from Brazil, are aimed at devices…

Read more →

A recent phishing campaign has been targeting Facebook users with fake copyright infringement notices, aiming to steal their login credentials. This sophisticated scam has been sent to over 12,279 email addresses, primarily affecting enterprises across the EU, US, and Australia.…

Read more →

A new attack vector exploiting vulnerabilities in Kerberos delegation within Active Directory (AD) networks has been uncovered, posing significant risks to enterprise security.  This technique leverages the inherent weaknesses of Unconstrained Kerberos Delegation, a legacy feature that allows services to…

Read more →

Microsoft has released a critical security update for its Edge browser, addressing multiple vulnerabilities that could allow attackers to execute remote code and compromise user systems. Users are strongly urged to update their browsers immediately to mitigate potential risks. Four…

Read more →

In a concerning development for the machine learning community, researchers at ReversingLabs have identified malicious models on the popular Hugging Face platform. These models exploit vulnerabilities in the Pickle file serialization format, a widely used method for storing and sharing…

Read more →

Hewlett Packard Enterprise (HPE) has disclosed multiple critical vulnerabilities in its Aruba Networking ClearPass Policy Manager (CPPM), a widely used network access control solution.  These flaws, if exploited, could lead to arbitrary code execution, privilege escalation, and sensitive data exposure.…

Read more →