In today’s dynamic threat landscape, Threat Intelligence (TI) feeds have become a must-have for Security Operations Centers (SOCs). Whether free or paid, they offer vital insights helping teams identify threats, develop detection rules, enrich alerts, and accelerate incident response. Threat intelligence feeds…
Category: Cyber Security News
New SharePoint Phishing Attacks Using Lick Deceptive Techniques
A sophisticated new wave of phishing attacks is exploiting Microsoft SharePoint’s trusted platform to bypass traditional security measures, representing a significant evolution in cyberthreat tactics. These attacks leverage SharePoint’s inherent legitimacy within corporate environments to deceive users into believing they…
Understanding and Preventing SQL Injection Attacks – A Technical Guide
SQL injection represents one of the most persistent and dangerous web application vulnerabilities, consistently ranking among the top security threats in the OWASP Top 10. This comprehensive technical guide explores the mechanics of SQL injection attacks, demonstrates practical exploitation techniques,…
Qtap – An Open-Source Tool to See Through Encrypted Traffic in Linux systems
Qpoint has released Qtap, an open-source eBPF agent for monitoring network traffic in Linux systems. It hooks into TLS/SSL functions to capture data before and after encryption, showing unencrypted traffic with details like process, container, host, user, and protocol. Qtap…
Hardening Linux Servers – A Comprehensive Cybersecurity Checklist
Linux servers power much of our digital infrastructure, from corporate intranets to cloud services. Their security is paramount in today’s threat landscape. This comprehensive hardening guide provides concrete steps to secure your Linux servers against various attack vectors, complete with…
Critical SAP NetWeaver Vulnerability Let Attackers Bypass Authorization Checks
A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass standard authorization checks and escalate their privileges within enterprise systems. The vulnerability, tracked as CVE-2025-42989 and assigned a CVSS score…
Fortinet OS Command Injection Vulnerability Lets Attackers Execute Unauthorised Code on FortiAnalyzer-Cloud
Fortinet, a leading provider of cybersecurity solutions, has recently addressed a significant security vulnerability, CVE-2023-42788, classified as an OS command injection issue under CWE-78. This vulnerability affects multiple products earlier including FortiManager, FortiAnalyzer, and today Fortinet confirmed that the vulnerability…
Ivanti Workspace Control Vulnerabilities Let Attackers Decrypt Stored SQL Credentials
Ivanti has issued urgent security updates for its Workspace Control platform after discovering three high-severity vulnerabilities that could allow attackers to decrypt stored SQL credentials. The company released patches addressing these security flaws, which affect versions 10.19.0.0 and earlier of…
Windows Security Best Practices – Protecting Active Directory Environments
Active Directory (AD) serves as the backbone of enterprise authentication and authorization, making it a prime target for cybercriminals. According to Microsoft’s Digital Defense Report 2022, 98% of organizations hit by cyberattacks had no privilege isolation in Active Directory via…
Canva Creators’ Data Exposed Via AI Chatbot Company Database
A significant data breach involving personal information from hundreds of Canva Creators program participants, exposed through an unsecured AI chatbot database operated by a Russian company. The incident highlights emerging security vulnerabilities in the rapidly expanding artificial intelligence supply chain.…
ISPConfig Vulnerability Allows Privilege Escalation to Superadmin and PHP Code Injection
A critical security vulnerability has been discovered in ISPConfig version 3.2 build 12p1 that allows authenticated remote users to escalate their privileges to superadmin status and subsequently execute arbitrary PHP code on affected systems. The vulnerability, identified by an independent…
‘Librarian Ghouls’ APT Group Actively Attacking Organizations To Deploy Malware
The cybersecurity landscape continues to face persistent threats from sophisticated Advanced Persistent Threat (APT) groups, with one particularly active campaign drawing significant attention from security researchers. The Librarian Ghouls APT group, also operating under the aliases “Rare Werewolf” and “Rezet,”…
Critical Vulnerability in Lovable’s Security Policies Let Attackers Inject Malicious Code
A severe security vulnerability, designated as CVE-2025-48757, has been discovered in Lovable’s implementation of Row Level Security (RLS) policies, allowing attackers to bypass authentication controls and inject malicious data into applications built on the platform. The vulnerability, first identified on…
DanaBot Malware C2 server Vulnerability Exposes Threat Actor Usernames & Crypto Keys
A critical memory leak vulnerability in the DanaBot malware’s command and control infrastructure has exposed sensitive operational data belonging to cybercriminals, revealing threat actor identities, cryptographic keys, and victim information spanning nearly three years of malicious operations. The vulnerability, dubbed…
84,000+ Roundcube Webmail Installation Vulnerable to Remote Code Execution Attacks
A critical security vulnerability affecting Roundcube webmail installations has exposed over 84,000 systems worldwide to remote code execution attacks. The vulnerability, tracked as CVE-2025-49113, allows authenticated users to execute arbitrary code remotely, presenting a significant security risk to organizations relying…
ManageEngine Exchange Reporter Plus Vulnerability Allows Remote Code Execution
A severe security vulnerability has been identified in ManageEngine Exchange Reporter Plus that could allow attackers to execute arbitrary commands on target servers. Designated as CVE-2025-3835, this critical remote code execution vulnerability affects all Exchange Reporter Plus installations with build…
CISA Warns of Erlang/OTP SSH Server RCE Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH servers that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-32433, enables attackers to achieve unauthenticated remote code execution on affected systems, prompting its…
SAP June 2025 Patch Day – 14 Vulnerabilities Patched Across Multiple Products
SAP released its monthly Security Patch Day update addressing 14 critical vulnerabilities across multiple enterprise products. The comprehensive security update includes patches addressing critical authorization bypass issues and cross-site scripting vulnerabilities, with CVSS scores ranging from 3.0 to 9.6. Organizations…
Google Vulnerability Let Attackers Access Any Google User’s Phone Number
A critical security vulnerability in Google’s account recovery system allowed malicious actors to obtain the phone numbers of any Google user through a sophisticated brute-force attack, according to a disclosure by a BruteCat security researcher published this week. The vulnerability,…
Sensata Technologies Hit by Ransomware Attack – Operations Impacted
Sensata Technologies, Inc., a prominent industrial technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised the personal information of hundreds of individuals. The external system breach, classified as a hacking incident, occurred on March 28,…