In recent years, threat actors have increasingly targeted free email services to compromise government and educational entities. One such group, known as GreenSpot, has been particularly active in this domain. GreenSpot, believed to operate from Taiwan, has been involved in…
Category: Cyber Security News
CISA Releases Nine Advisories Detailing Vulnerabilities and Exploits Surrounding ICS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued nine new Industrial Control Systems (ICS) advisories, shedding light on critical vulnerabilities and exploits that could significantly impact industrial operations. These advisories aim to provide actionable insights for securing ICS…
Hackers Exploits ADFS to Bypass MFA & Gain Access to Critical Systems
A sophisticated phishing campaign has been discovered targeting organizations reliant on Microsoft’s Active Directory Federation Services (ADFS). This legacy single sign-on (SSO) solution, designed to streamline authentication across multiple applications, is being exploited by attackers to bypass multi-factor authentication (MFA)…
CISA Releases Guidance to Protect Firewalls, Routers, & Internet-Facing Servers
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with international cybersecurity authorities, has issued comprehensive guidance aimed at securing network edge devices. These devices, which include firewalls, routers, VPN gateways, Internet of Things (IoT) devices, internet-facing servers, and operational…
Critical Veeam Backup Vulnerability Let Attackers Execute Arbitrary Code to Gain Root Access
A critical vulnerability, identified as CVE-2025-23114, has been discovered in the Veeam Updater component, a key element of multiple Veeam backup solutions. This flaw enables attackers to execute arbitrary code on affected servers through a Man-in-the-Middle (MitM) attack, potentially granting…
0-Day Vulnerabilities in Microsoft Sysinternals Tools Allow Attackers To Launch DLL Injection Attacks on Windows
A critical security vulnerability has been identified in nearly all Microsoft Sysinternals tools, presenting a significant risk to IT administrators and developers who rely on these utilities for system analysis and troubleshooting. This vulnerability, outlining how attackers can exploit DLL…
Hackers Exploiting A Six-Year-Old IIS Vulnerability To Gain Remote Access
The eSentire Threat Response Unit (TRU) revealed that threat actors are actively exploiting a six-year-old IIS vulnerability in Progress Telerik UI for ASP.NET AJAX to gain remote access to systems. This vulnerability, identified as CVE-2019-18935, allows attackers to execute arbitrary…
TinyZero – Researchers Replicated DeepSeek’s R1-Zero Model for Just $30
In an impressive demonstration of cost-effective AI research, a group of researchers has successfully replicated DeepSeek’s R1-Zero model for just $30. Dubbed TinyZero, this project focuses on countdown and multiplication tasks, leveraging reinforcement learning (RL) to enable a 3-billion-parameter (3B)…
CISA Adds Apache, Microsoft Vulnerabilities to Its Database that Are Actively Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several newly identified vulnerabilities to its authoritative list of security flaws exploited in the wild. This catalog Developed to assist cybersecurity professionals in…
Chrome Use-After-Free Vulnerabilities Let Attackers Execute Remote Code – Update Now
The Google Chrome team has officially released Chrome 133, now available on the stable channel for Windows, Mac, and Linux. This update, version 133.0.6943.53 for Linux and 133.0.6943.53/54 for Windows and Mac, brings a host of improvements and critical security…
AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin
AMD has disclosed a high-severity vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, which could allow attackers with administrative privileges to inject malicious CPU microcode. This flaw compromises the confidentiality and integrity of virtual machines (VMs) protected by SEV-SNP,…
New Tiny FUD Attacking macOS Users Bypassing Antivirus and Security Tools
A new, highly sophisticated malware known as Tiny FUD has been identified, targeting macOS users with advanced evasion techniques that allow it to bypass traditional antivirus and security tools. This malware leverages process name spoofing, DYLD injection, and C2-based command…
3 SOC Challenges Solved by Threat Intelligence
An organization’s cyber security operation center (SOC) is a unit in charge of cyber threat prevention and mitigation. Within this framework, several critical tasks imply gathering and analyzing data on threats, incidents and attacks. This process is usually referred to…
Critical Windows OLE Zero-Click Vulnerability Let Attacker to Execute Arbitrary Code
A critical security flaw, identified as CVE-2025-21298, has been disclosed in Microsoft’s Windows Object Linking and Embedding (OLE) technology. This zero-click vulnerability, which carries a CVSS score of 9.8, allows attackers to execute arbitrary code remotely by exploiting Microsoft Outlook…
Hackers Using HTTP Client Tools To Takeover Microsoft 365 Accounts
Hackers have increasingly been using HTTP client tools to orchestrate sophisticated account takeover attacks on Microsoft 365 environments. A staggering 78% of Microsoft 365 tenants have been targeted at least once by such attacks, highlighting the evolving tactics of threat…
Google Patched Linux Kernel RCE Vulnerability In Android Allow Attackers Gain Read/Write Access
Google has released its February 2025 Android Security Bulletin, which addresses 47 vulnerabilities impacting Android devices. A notable issue is a patched Linux kernel vulnerability (CVE-2024-53104) that could enable attackers to execute remote code (RCE), granting unauthorized read/write access to affected systems.…
Abandoned AWS S3 Buckets Can be Reused to Hijack Global Software Supply Chain
Researchers at WatchTowr Labs have uncovered a critical security vulnerability in abandoned Amazon Web Services (AWS) S3 buckets that could enable attackers to hijack the global software supply chain. The research highlights how these neglected cloud storage resources could facilitate…
New Attack Technique to Bypassing EDR as Low Privileged Standard User
A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account. Traditionally, EDR evasion requires elevated privileges, such as administrative or system-level access. However, this innovative approach…
Microsoft Azure AI Face Service Elevation of Privilege Vulnerability Let Attackers Gain Network Access
Microsoft has disclosed a critical vulnerability, CVE-2025-21415, impacting the Azure AI Face Service, which is classified as an Elevation of Privilege issue, allowing attackers to bypass authentication mechanisms via spoofing, escalating their privileges over a network. However, Microsoft has confirmed…
Roundcube XSS Vulnerability Let Attackers Inject Malicious Files
A critical Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-57004, has been discovered in Roundcube Webmail version 1.6.9. This flaw allows remote authenticated users to upload malicious files disguised as email attachments, posing significant risks to individuals and organizations using the…