Tag: Cyber Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical authentication bypass vulnerability in CrushFTP file transfer software to its Known Exploited Vulnerabilities (KEV) Catalog.  Designated as CVE-2025-31161, this vulnerability is actively being exploited in the wild, posing significant…

Read more →

The SysAdmin tools streamline IT infrastructure management by automating routine tasks, monitoring system performance, and ensuring the efficient operation of networks and servers. They offer comprehensive monitoring capabilities, allowing SysAdmins to monitor system health, network traffic, and application performance in…

Read more →

Google has released an urgent security update for its Chrome browser addressing a critical “Use After Free” vulnerability in the browser’s Site Isolation feature.  The high-severity Vulnerability tracked as CVE-2025-3066 could allow attackers to execute arbitrary code on affected systems,…

Read more →

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) has been uncovered and is being actively exploited by a ransomware group. The vulnerability Tracked as CVE-2025-29824, this elevation of privilege flaw has been targeted in attacks against…

Read more →

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824, has been actively exploited in the wild. This security flaw allows attackers to elevate privileges to SYSTEM level, posing a significant risk to affected…

Read more →

Microsoft’s April 2025 Patch Tuesday update has arrived, delivering critical fixes for 121 security vulnerabilities across its broad suite of software products. This month’s update addresses a significant array of threats, including elevation of privilege, remote code execution, and a…

Read more →

Fortinet has disclosed and addressed multiple vulnerabilities across its product suite, including FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiVoice, FortiWeb, and FortiSwitch. These vulnerabilities range from improper output neutralization for logs to unverified password changes and insufficiently protected credentials. The company has…

Read more →

Vidar Stealer, an information-stealing malware first identified in 2018, has evolved with a sophisticated new deception technique targeting cybersecurity professionals and system administrators. This notorious malware, which evolved from the Arkei Trojan, has been continuously adapted to harvest sensitive data…

Read more →

Zoom has released updates to address multiple vulnerabilities affecting its Workplace applications across various platforms. The most pressing flaw could allow attackers to inject malicious scripts, potentially compromising the integrity of user data. Users are strongly encouraged to apply the…

Read more →

The cybersecurity landscape is experiencing a significant transformation as threat actors adopt increasingly sophisticated approaches to bypass security measures. A comprehensive analysis of 46 deep-web hacker forums and over 26,000 threat actors’ forum threads has revealed alarming trends in cyber…

Read more →

As Microsoft tightens the screws on traditional credential theft methods and Endpoint Detection and Response (EDR) systems grow more sophisticated, red teams are pivoting to innovative, fileless attack vectors. Enter RemoteMonologue, a novel technique unveiled by security researcher Andrew Oliveau…

Read more →

Morphing Meerkat, a sophisticated Phishing-as-a-Service (PhaaS) platform first identified in 2020, has evolved from a simple tool capable of mimicking five email services to a comprehensive cybercriminal resource offering more than 100 different scam templates. This platform represents a significant…

Read more →

The OpenSSL Project has officially released version 3.5.0 of its widely used cryptographic library, marking a significant milestone with the integration of post-quantum cryptography (PQC) algorithms and other groundbreaking features. This release, announced on April 8, 2025, is set to…

Read more →

SAP announced its latest Security Patch Day, unveiling 18 new Security Notes alongside updates to two previously released advisories.  This comprehensive update focuses on addressing multiple vulnerabilities in SAP’s extensive product portfolio, with a particular spotlight on critical code injection…

Read more →

Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as legitimate productivity tools, covertly execute malicious code while developers focus on their…

Read more →

Fortinet has issued a critical advisory regarding a newly discovered vulnerability in its FortiSwitch product line. The vulnerability, identified as an unverified password change vulnerability (CWE-620), could allow remote, unauthenticated attackers to modify administrative passwords via specially crafted requests. This…

Read more →

A significant data breach occurred when an unidentified threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider with extensive ties to cybercriminal operations worldwide. The leaked information exposes the infrastructure that has been enabling a wide…

Read more →

Google has announced a significant security improvement for Chrome version 136. This update addresses a 23-year-old vulnerability that could allow malicious websites to snoop on users’ browsing histories.  The fix, called “:visited link partitioning,” makes Chrome the first major browser…

Read more →

The National Institute of Standards and Technology (NIST) announced on April 2, 2025, that all Common Vulnerabilities and Exposures (CVEs) with a published date prior to January 1, 2018, will be marked as “Deferred” within the National Vulnerability Database (NVD)…

Read more →

Oracle Corp. has privately confirmed to customers that a threat actor breached a computer system and exfiltrated old client login credentials. This acknowledgment comes after weeks of public denials and represents the second cybersecurity incident the company has disclosed to…

Read more →

Cybersecurity experts have observed a concerning trend where sophisticated threat actors are increasingly targeting Continuous Integration/Continuous Deployment (CI/CD) pipelines to gain unauthorized access to sensitive cloud resources. These attacks exploit misconfigurations in the OpenID Connect (OIDC) protocol implementation, allowing attackers…

Read more →

Google has released its April 2025 Android Security Bulletin, addressing numerous critical vulnerabilities including two zero-day flaws actively exploited in targeted attacks.  This marks the third consecutive month that Google has issued emergency patches for actively exploited vulnerabilities, highlighting the…

Read more →

The Linux community has unveiled the highly anticipated Linux 6.15-rc1 test kernel, marking a significant milestone in the ongoing evolution of the open-source operating system.  This release introduces substantial driver updates, performance optimizations, and new hardware support that collectively enhance…

Read more →

A team of researchers at PCAutomotive revealed to Cyber security news today that attackers could fully compromise second-generation Nissan Leaf EVs (2020 model) through a flaw in the infotainment system, enabling unprecedented remote control over critical vehicle functions. The exploit…

Read more →

The first-ever custom-trained AI tool for subdomain discovery to transform the way security professionals identify hidden subdomains, which are often overlooked yet highly vulnerable entry points for cyberattacks. Traditionally, subdomain enumeration has relied on brute-force methods, which involve generating and…

Read more →

WK Kellogg Co., the prominent North American cereal manufacturer, has confirmed a significant data breach affecting its servers hosted by Cleo, a third-party vendor providing secure file transfer services.  The breach occurred on December 7, 2024, but was only discovered…

Read more →

ANY.RUN’s Threat Intelligence (TI) Feeds have established themselves as a valuable resource for cybersecurity professionals seeking fresh and unique indicators of compromise (IOCs). This continuously updated stream of threat intelligence leverages data from over 500,000 researchers and security professionals worldwide,…

Read more →

A proof-of-concept (PoC) exploit has been released for CVE-2025-3155, a critical vulnerability in GNOME’s Yelp help viewer that enables attackers to exfiltrate SSH keys and other sensitive files from Ubuntu systems.  The flaw leverages improper handling of the ghelp:// URI…

Read more →

A critical vulnerability in WhatsApp for Windows that could allow attackers to execute malicious code through seemingly innocent file attachments.  The spoofing vulnerability, officially tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6 and poses…

Read more →

In a sophisticated espionage campaign targeting European government and military institutions, hackers believed to be connected with Russian state actors have been utilizing a lesser-known feature of Windows Remote Desktop Protocol (RDP) to infiltrate systems. The Google Threat Intelligence Group…

Read more →

Cybersecurity experts have identified a new threat targeting cryptocurrency developers and users. Two malicious Python packages have been discovered on the Python Package Index (PyPI) specifically designed to compromise systems using the popular bitcoinlib library. These packages, identified as bitcoinlibdbfix…

Read more →

Malware operators continue exploiting the Windows Screensaver (.scr) file format to distribute malicious payloads, leveraging its executable nature under the guise of harmless system files. Recent campaigns observed by cybersecurity researchers reveal advanced tactics targeting global enterprises through sophisticated phishing…

Read more →

AI-powered spear phishing agents have surpassed elite human red teams in crafting socially engineered attacks as recently revealed. From 2023 to 2025, AI’s effectiveness relative to humans improved by 55%, marking a paradigm shift in both offensive and defensive cybersecurity…

Read more →

A sophisticated cybercriminal operation has emerged targeting toll payment services across multiple regions, with evidence suggesting this campaign will continue expanding globally. The attack, characterized by highly convincing SMS phishing (smishing) messages, has already reached millions of consumers who use…

Read more →

A sophisticated malware campaign distributing the Grandoreiro banking trojan has been targeting users in Mexico, Argentina, and Spain through elaborate phishing emails impersonating tax agencies. The attack leverages a multi-stage infection chain that begins with fraudulent government notifications claiming recipients…

Read more →

Deep visibility into malware-siphoned data can help close gaps in traditional defenses before they evolve into major cyber threats like ransomware and account takeover SpyCloud, the leading identity threat protection company, today released new analysis of its recaptured darknet data…

Read more →

ToddyCat, the notorious APT group, used a sophisticated attack strategy to stealthily deploy malicious code in targeted systems by exploiting a weakness in ESET’s command line scanner.   The vulnerability, now tracked as CVE-2024-11859, allowed attackers to bypass security monitoring tools…

Read more →

The Everest ransomware gang, a Russia-linked cybercriminal organization, faced an unexpected setback this weekend when its dark web leak site was hacked and defaced.  The site, typically used to publish stolen data as part of the gang’s extortion tactics, was…

Read more →

A new malicious AI platform named Xanthorox AI has emerged, positioning itself as a friendly tool for hackers. First spotted in late Q1 2025, Xanthorox AI is being promoted in underground cybercrime forums as a modular, self-hosted solution for automated…

Read more →

A 20-year-old Florida man identified as a key member of the notorious “Scattered Spider” cybercriminal collective has pleaded guilty to orchestrating sophisticated ransomware attacks and cryptocurrency theft schemes targeting major corporations.  Noah Urban, also known by aliases “King Bob” and…

Read more →

A new Linux backdoor named Auto-color has been identified targeting government organizations and universities across North America and Asia. First observed between November and December 2024, Auto-color is designed to evade detection and maintain a persistent presence within compromised systems.…

Read more →

A critical vulnerability in the widely-used python-json-logger library has been identified, potentially allowing attackers to execute arbitrary code on affected systems.  The flaw, tracked as CVE-2025-27607 with an initial CVSS score of 8.8, affects versions 3.2.0 and 3.2.1 of the…

Read more →

MediaTek has released a critical security update addressing multiple vulnerabilities in its chipsets, with one critical flaw that could potentially allow attackers to execute malicious code remotely on affected devices without user interaction.  The bulletin, published today, highlights significant security…

Read more →

In a recent discovery, over 50,000 WordPress sites using the popular “Uncanny Automator” plugin have been found vulnerable to privilege escalation attacks. This alarming flaw allows authenticated users, even those with minimal subscriber-level access, to elevate their privileges to administrator…

Read more →

A significant security vulnerability in Dell Technologies PowerProtect Data Domain systems has been identified that could allow authenticated users to execute arbitrary commands with root privileges, potentially compromising critical data protection infrastructure.  Dell has released remediation patches to address this…

Read more →

A new Remote Access Trojan (RAT) called Sakura has been published on GitHub. Due to its sophisticated anti-detection capabilities and comprehensive system control features, Sakura is raising significant concerns in the cybersecurity community. The malware, identified in a repository allegedly…

Read more →

The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has escalated its cyber warfare tactics by introducing new malicious npm packages with advanced obfuscation techniques. These packages, part of the broader Contagious Interview operation, are designed to evade automated…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has officially released Version 2.0.0 of the NICE Workforce Framework for Cybersecurity, marking a significant update to this nationally focused resource.  Released on March 5, 2025, this major update introduces substantial changes…

Read more →

A critical security vulnerability discovered in pgAdmin 4, the most widely used management tool for PostgreSQL databases, is allowing attackers to execute arbitrary code on affected systems.  Security researchers have disclosed details of CVE-2025-2945, a severe Remote Code Execution (RCE)…

Read more →

A critical security vulnerability has been discovered in Bitdefender GravityZone Console that could allow remote attackers to execute arbitrary commands on affected systems.  The flaw tracked as CVE-2025-2244 has a CVSS score of 9.5. It stems from an insecure PHP…

Read more →

Kubernetes container scanners are essential tools for ensuring the security of containerized applications and Kubernetes clusters. These scanners analyze vulnerabilities, misconfigurations, and compliance issues within container images, Kubernetes manifests, and runtime environments. Popular tools like Kube Bench focus on compliance…

Read more →

Communication is the key in all areas, and the cyber world is no different. To communicate in the cyber world, you must learn the language used here: programming languages. This will help you command the machines to act according to…

Read more →

Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. Keeping updated is essential in the rapidly changing digital landscape of today. We aim to equip you with…

Read more →

Ransomware file decryptor tools are essential for recovering data encrypted by malicious software without paying ransoms. These tools help victims regain access to their files by using decryption keys or algorithms to unlock the encrypted data. The No More Ransom…

Read more →

Microsoft Outlook will enforce stricter authentication requirements for high-volume senders, impacting domains that send over 5,000 emails daily. These changes, which will take effect on May 5, 2025, aim to enhance inbox protection and maintain trust in digital communication. Outlook’s…

Read more →

A sophisticated new cyberattack chain dubbed “KongTuke” has been uncovered by cybersecurity researchers, targeting unsuspecting internet users through compromised legitimate websites. Detailed in a report by Bradley Duncan of Palo Alto Networks’ Unit 42 team, this attack leverages malicious scripts…

Read more →

A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration, but its prominence has made it a target for exploitation. In Kubernetes, Ingress serves as…

Read more →

Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and Marianna Tishchenko from the Sec-Gemini team unveiled a new AI model designed to help cybersecurity…

Read more →

Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The milestone event, held at Microsoft’s Redmond, Washington headquarters, blended nostalgia with cutting-edge AI advancements, particularly…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its Known Exploited Vulnerabilities (KEV) Catalog. This stack-based buffer overflow, actively exploited since mid-March 2025, allows…

Read more →

Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited in the wild. This stack-based buffer overflow flaw, with a CVSS score of 9.0, has…

Read more →

Endpoint management tools are critical for organizations to efficiently manage and secure devices such as desktops, laptops, mobile devices, and IoT systems. These tools provide centralized control, allowing IT teams to enforce security policies, deploy software updates, and monitor device…

Read more →

Cybersecurity search engines are specialized tools designed to empower professionals in identifying vulnerabilities, tracking threats, and analyzing data effectively. These platforms offer a wealth of information that generic search engines cannot provide, making them indispensable for cybersecurity researchers and professionals.…

Read more →

A notorious threat actor operating under the alias “EncryptHub” has been exposed due to a series of operational security failures and unconventional use of AI tools. This Ukrainian cybercriminal, who fled his hometown approximately a decade ago, has been orchestrating…

Read more →

IT asset management (ITAM) software has become essential for businesses to efficiently track, manage, and optimize their hardware, software, and cloud resources. As we approach 2025, the landscape of ITAM tools continues to evolve, offering more advanced features and capabilities.…

Read more →

Password managers help to securely store and manage passwords, enhancing security and simplifying access across various platforms. Top password management solutions make password protection easy and effective for online security. These solutions securely store your passwords in a virtual safe…

Read more →

Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors impersonate recruitment professionals to distribute dangerous malware payloads. On November 29, 2024, threat actors were found impersonating Dev.to, a popular developer community, to distribute malicious code hidden within project…

Read more →

A deceptive phishing campaign targeting mobile users with fake unpaid toll notifications has intensified significantly in recent months, evolving into one of the most sophisticated SMS-based credential theft operations currently active. This scheme represents a tactical shift in phishing methodology,…

Read more →

A sophisticated phishing campaign dubbed “PoisonSeed” has emerged targeting customer relationship management (CRM) and bulk email service providers in a concerning supply chain attack. The operation leverages compromised email infrastructure to distribute malicious content aimed at cryptocurrency wallet holders, particularly…

Read more →

Cybercriminals are intensifying their efforts to exploit taxpayers through sophisticated phishing campaigns. These campaigns utilize tax-related themes as social engineering lures to steal credentials and deploy malware. What distinguishes this year’s attacks is the increased use of redirection methods such…

Read more →

A new type of Android spyware that requires a password for uninstallation has been identified, making it increasingly difficult for victims to remove the malicious software from their devices. A stealthy phone monitoring app that effectively blocks device owners from…

Read more →

The State Bar of Texas has confirmed a significant data security incident that occurred in early 2025, compromising sensitive information of its members and clients. The breach, which was discovered on February 12, 2025, involved unauthorized access to the organization’s…

Read more →

Extended Detection and Response (XDR) is a unified security incident platform that leverages AI and automation to protect organizations against advanced cyberattacks. XDR expands upon traditional endpoint detection and response (EDR) by integrating data from multiple sources, including endpoints, networks,…

Read more →

A sophisticated malware campaign dubbed “Clickfix” has emerged, targeting users through deceptive browser notifications and pop-ups that prompt immediate action through “Fix Now” and “Bot Verification” buttons. When triggered, these seemingly harmless prompts initiate a multi-stage infection chain that deploys…

Read more →

A concerning trend in digital attacks: threat actors are weaponizing PDF files. According to CheckPoint Research, while 68% of all malicious attacks are delivered through email, PDF-based attacks now constitute 22% of all malicious email attachments, making them a significant security…

Read more →

A critical remote code execution (RCE) vulnerability has been discovered in Apache Parquet’s Java library, potentially affecting thousands of data analytics systems worldwide.  The flaw, identified as CVE-2025-30065, carries the highest possible CVSS score of 10.0 and allows attackers to…

Read more →

A sophisticated malicious Python package named “disgrasya” has been discovered on the PyPI repository, containing a fully automated carding script specifically targeting WooCommerce stores. This package, whose name translates to “disaster” in Filipino slang, enables attackers to test stolen credit…

Read more →

A concerning security vulnerability has emerged in the AI landscape as researchers discover that DeepSeek-R1’s Chain of Thought (CoT) reasoning system can be exploited to create sophisticated malware and generate convincing phishing campaigns. The 671-billion-parameter model, designed to enhance reasoning…

Read more →

A sophisticated new credit card skimming operation dubbed “RolandSkimmer” has emerged, targeting users primarily in Bulgaria through malicious browser extensions. Named after the unique string “Rol@and4You” embedded in its payload, this attack represents a concerning evolution in web-based financial theft…

Read more →

Multiple major Australian superannuation funds have fallen victim to a sophisticated cyberattack that has compromised thousands of member accounts and resulted in confirmed financial losses.  Cybersecurity experts have identified the attack as a coordinated OAuth token manipulation campaign coupled with…

Read more →

A critical security vulnerability, CVE-2025-31137, has been identified in React Router, a popular library used by millions of developers for managing routing in React applications.  Security researchers from zhero_web_security discovered this flaw, which affects both React Router 7 and Remix…

Read more →

Frida 16.7.0, the latest version of the popular dynamic instrumentation toolkit, has powerful new APIs specifically designed for advanced threat monitoring and security analysis.  This major update, announced on March 13, 2025, introduces groundbreaking capabilities that significantly enhance the toolkit’s…

Read more →

Security researchers have identified a critical vulnerability in Ivanti Connect Secure (ICS) VPN appliances that is being actively exploited by suspected Chinese threat actors. The vulnerability, tracked as CVE-2025-22457, is a buffer overflow flaw affecting ICS version 22.7R2.5 and earlier…

Read more →

A critical security vulnerability in OpenVPN has been discovered that could allow attackers to crash servers, potentially disrupting secure communications for thousands of users worldwide.  The vulnerability, identified as CVE-2025-2704, affects OpenVPN versions 2.6.1 through 2.6.13 when configured with the…

Read more →

A critical security vulnerability in Apache Traffic Server (ATS) has been discovered. By exploiting how the server processes chunked messages, attackers can perform request smuggling attacks.  The vulnerability, tracked as CVE-2024-53868, affects multiple versions of this high-performance HTTP proxy server…

Read more →

Oracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking the second cybersecurity incident disclosed by the company in recent weeks. The breach, initially reported by a threat actor on Breachforums on March 20, 2025, has…

Read more →

CISA warns of threat actors’ increasing adoption of the fast flux technique to evade detection and conceal malicious server infrastructures. As cybercriminal operations grow increasingly sophisticated, threat actors adopt advanced techniques like fast flux to mask malicious infrastructure, evade defensive measures, and…

Read more →

A sophisticated phishing campaign has emerged targeting users of Monex Securities, one of Japan’s largest online brokerage platforms formed through the merger of Monex, Inc. and Nikko Beans, Inc. Since early April 2025, attackers have deployed a series of fraudulent…

Read more →

A sophisticated ransomware operation known as Hunters International emerged in October 2023, with strong evidence suggesting connections to the formerly dismantled Hive ransomware group. The initial attack was documented on October 13, 2023, when the group disclosed their first victim—an…

Read more →

A sophisticated cyber campaign leveraging the DarkCloud information stealer has targeted Spanish organizations across multiple critical sectors since early April 2025. The malware, distributed via weaponized .TAR archives embedded in phishing emails, exploits billing-themed lures to compromise technology, legal, financial,…

Read more →

A sophisticated web skimming campaign that employs a novel technique leveraging Stripe’s legacy API to validate payment card details before exfiltration.  This tactic ensures attackers collect only valid payment information, making their operation more efficient while reducing the chances of…

Read more →

A highly sophisticated Russian threat actor known as Seashell Blizzard (also tracked as APT44, Sandworm, and Voodoo Bear) has been conducting extensive cyber operations against organizations worldwide. Linked to Russian Military Intelligence Unit 74455 (GRU), this adversary has targeted critical…

Read more →

A sophisticated ransomware attack targeted Managed Service Providers (MSPs) through well-crafted phishing emails designed to appear as authentication alerts for their ScreenConnect Remote Monitoring and Management (RMM) tool. This attack resulted in the deployment of Qilin ransomware across multiple customer…

Read more →

A sophisticated cyber espionage campaign dubbed “Operation HollowQuill” has been uncovered targeting academic institutions and government agencies worldwide through weaponized PDF documents. The operation employs social engineering tactics, disguising malicious PDFs as research papers, grant applications, or government communiqués to…

Read more →

A new generation of sophisticated AI-powered Gray Bots has emerged, targeting web applications with unprecedented intensity. These bots utilize machine learning to mimic human behavior while generating over 17,000 requests per hour. Unlike traditional attacks, they adjust traffic patterns to…

Read more →

Attackers are actively exploiting a critical authentication bypass vulnerability in SonicWall firewalls to gain unauthorized network access.  The vulnerability tracked as CVE-2024-53704, with a critical CVSS score of 9.8, allows remote attackers to hijack active SSL VPN sessions without requiring…

Read more →

A dangerous partnership has emerged in the cybercriminal landscape, as EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has begun working with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations. This collaboration, identified through shared indicators of compromise (IOCs) and tactics,…

Read more →

Cisco disclosed a critical security vulnerability affecting Cisco Meraki MX and Z Series devices, which presents significant risks to enterprise networks.  The vulnerability tracked as CVE-2025-20212 and associated with allows authenticated remote attackers to trigger denial of service (DoS) conditions…

Read more →

Cybersecurity experts have uncovered a sophisticated malware campaign that initially exploited the popular DeepSeek LLM as a lure but has now expanded significantly. In early March 2025, researchers identified malicious operations using DeepSeek as bait, but subsequent telemetry analysis has…

Read more →

Recent network monitoring data from SANS reveals a significant spike in targeted scans seeking to exploit default credentials in Juniper Networks’ Session Smart Router (SSR) platform.  Security researchers have observed a massive coordinated campaign attempting to identify and compromise vulnerable…

Read more →