Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers to take control of servers with a simple PUT request,…
Category: Cyber Security News
23,000 GitHub Repositories Targeted In Supply Chain Attack
In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are calling one of the largest supply chain attacks to date. The attackers exploited vulnerabilities in the software development pipeline to…
Telegram CEO Returns to Dubai Amid French Investigation Continues
Pavel Durov, founder and CEO of Telegram, announced his return to Dubai on Monday following months of judicial supervision in France as investigations into alleged criminal activities on his messaging platform continue. Durov expressed relief at being back home and…
Kentico Xperience CMS Authentication Bypass Vulnerability Allow Attackers Execute Arbitrary Code Remotely
Researchers discovered critical vulnerabilities in Kentico’s Xperience CMS that could allow attackers to completely compromise affected systems. The vulnerabilities, identified as WT-2025-0006, WT-2025-0007, and WT-2025-0011, can be chained together to achieve unauthenticated remote code execution on systems with common configurations.…
Beware of Free File Word To PDF Converter That Delivers Malware
The FBI has issued an urgent warning about the rising threat of malicious file conversion tools that are being used to spread malware across the United States. Cybercriminals are targeting users searching for free utilities to convert documents from one…
MassJacker Clipper Malware Attacking Users Installing Pirated Software
A newly discovered cryptojacking malware dubbed “MassJacker” is targeting users who download pirated software, replacing cryptocurrency wallet addresses to redirect funds to attackers. The malware acts as a clipboard hijacker, monitoring when users copy crypto wallet addresses and silently replacing…
Proactive Cybersecurity – Staying Ahead of Threats with a Preventive Approach
The old adage “Prevention is better than cure” has taken a new, more urgent meaning in the cybersecurity community. With 600 million cyber attacks per day, several companies have started investing heavily in proactive cybersecurity measures that encompass risk-based vulnerability…
Manage Engine Analytics Vulnerability Allows User Account Takeover
A high-severity authentication vulnerability in ManageEngine Analytics Plus on-premise installations has been identified, potentially allowing malicious actors to gain unauthorized access to Active Directory (AD) authenticated user accounts. The vulnerability, tracked as CVE-2025-1724, affects all Windows builds prior to 6130…
Zoom Team Chat Decrypted to Uncover User Activities
In a significant development for digital forensics investigators, new research has revealed comprehensive methods to decrypt Zoom Team Chat databases, potentially exposing sensitive user communications and activities. As organizations worldwide continue to rely on Zoom for remote collaboration, these findings…
Wazuh Open Source SIEM Vulnerability Allows Malicious Code Execution Remotely
Cybersecurity researchers have disclosed a critical remote code execution vulnerability (CVE-2025-24016) affecting Wazuh, a widely-used open-source security information and event management (SIEM) platform. The vulnerability, which carries a severe CVSS score of 9.9, impacts versions 4.4.0 through 4.9.0 and allows…
Espressif Systems Vulnerabilities Let Attackers Execute Arbitrary Code
Security researchers have uncovered several critical vulnerabilities in Espressif Systems’ ESP-IDF framework that could allow attackers to execute arbitrary code on ESP32 devices via Bluetooth interfaces. The high-risk flaws, which affect ESP-IDF versions 5.0.7, 5.1.5, 5.2.3, and 5.3.1 (and likely…
Chinese Volt Typhoon Hackers Exploiting Cisco & NetGear Routers To Compromise Organizations
The Chinese state-sponsored hacking group known as Volt Typhoon has intensified its campaign targeting critical infrastructure across multiple countries through the exploitation of vulnerable Cisco and NetGear routers. This advanced persistent threat (APT) actor has been conducting widespread espionage and…
AI Operator Agents Assisting Hackers To Write Malicious Code
AI-powered agents are evolving rapidly, offering enhanced capabilities to automate routine tasks, but researchers have discovered these same tools can be weaponized by malicious actors. OpenAI’s Operator, launched as a research preview on January 23, 2025, represents a new generation…
New C++ Based IIS Malware With Numerous Functionalities Mimics cmd.exe To Stay Undetected
Security researchers have uncovered a sophisticated malware strain targeting Microsoft’s Internet Information Services (IIS) web servers, leveraging C++ to deploy advanced evasion techniques and payload delivery mechanisms. The malware disguises its core processes as the legitimate Windows command-line utility cmd.exe…
Millions Of RSA Key Exposes Serious Flaws That Can Be Exploited
A disturbing security vulnerability has been uncovered affecting RSA encryption keys used across the internet, with researchers discovering that approximately 1 in 172 certificates found online are susceptible to compromise through a mathematical attack. This widespread vulnerability primarily impacts Internet…
Researcher Criticizes Microsoft Over Video Requirement for Bug Reports
A well-known vulnerability analyst has publicly criticized the Microsoft Security Response Center (MSRC) for refusing to process a detailed bug report without a proof-of-concept (POC) video. The incident has sparked debate within the cybersecurity community about the necessity of video…
Apple Adds RCS End-to-End Encryption for Sending Text Messages Using iPhone
Apple has announced it will implement end-to-end encryption (E2EE) for Rich Communication Services (RCS) messaging on iPhones, significantly enhancing security for cross-platform communications between iOS and Android users. The announcement comes as the GSM Association (GSMA) releases its new RCS…
BlackLock Ransomware Hacked 40+ Organization Within Two Months
BlackLock ransomware has emerged as one of the most notorious cybersecurity threats of 2025, compromising more than 40 organizations within just two months. The fast-rising ransomware group has targeted victims across multiple sectors, with construction, real estate, and technology industries…
Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials
Luxury automotive manufacturer Jaguar Land Rover (JLR) has become the latest victim of the rapidly emerging HELLCAT ransomware group, with sensitive internal documents and employee data now exposed on hacking forums. The attack bears the hallmarks of HELLCAT’s sophisticated tactics,…
Android Malware Mimic As DeepSeek To Steal Users Login Credentials
A sophisticated Android banking trojan known as OctoV2 has been discovered masquerading as the legitimate DeepSeek AI application. The malware campaign uses a deceptive phishing website that closely mimics the official DeepSeek platform, tricking users into downloading a malicious application…