Active Directory (AD) serves as the backbone of enterprise authentication and authorization, making it a prime target for cybercriminals. According to Microsoft’s Digital Defense Report 2022, 98% of organizations hit by cyberattacks had no privilege isolation in Active Directory via…
Tag: Cyber Security News
Canva Creators’ Data Exposed Via AI Chatbot Company Database
A significant data breach exposed personal information from hundreds of Canva Creators program participants through an unsecured AI chatbot database operated by a Russian company. The incident highlights emerging security vulnerabilities in the rapidly expanding artificial intelligence supply chain.…
ISPConfig Vulnerability Allows Privilege Escalation to Superadmin and PHP Code Injection
A critical security vulnerability has been discovered in ISPConfig version 3.2 build 12p1 that allows authenticated remote users to escalate their privileges to superadmin status and subsequently execute arbitrary PHP code on affected systems. The vulnerability, identified by an independent…
‘Librarian Ghouls’ APT Group Actively Attacking Organizations To Deploy Malware
The cybersecurity landscape continues to face persistent threats from sophisticated Advanced Persistent Threat (APT) groups, with one particularly active campaign drawing significant attention from security researchers. The Librarian Ghouls APT group, also operating under the aliases “Rare Werewolf” and “Rezet,”…
Critical Vulnerability in Lovable’s Security Policies Let Attackers Inject Malicious Code
A severe security vulnerability, designated as CVE-2025-48757, has been discovered in Lovable’s implementation of Row Level Security (RLS) policies, allowing attackers to bypass authentication controls and inject malicious data into applications built on the platform. The vulnerability, first identified on…
DanaBot Malware C2 Server Vulnerability Exposes Threat Actor Usernames & Crypto Keys
A critical memory leak vulnerability in the DanaBot malware’s command and control infrastructure has exposed sensitive operational data belonging to cybercriminals, revealing threat actor identities, cryptographic keys, and victim information spanning nearly three years of malicious operations. The vulnerability, dubbed…
84,000+ Roundcube Webmail Installation Vulnerable to Remote Code Execution Attacks
A critical security vulnerability affecting Roundcube webmail installations has exposed over 84,000 systems worldwide to remote code execution attacks. The vulnerability, tracked as CVE-2025-49113, allows authenticated users to execute arbitrary code remotely, presenting a significant security risk to organizations relying…
ManageEngine Exchange Reporter Plus Vulnerability Allows Remote Code Execution
A severe security vulnerability has been identified in ManageEngine Exchange Reporter Plus that could allow attackers to execute arbitrary commands on target servers. Designated as CVE-2025-3835, this critical remote code execution vulnerability affects all Exchange Reporter Plus installations with build…
CISA Warns of Erlang/OTP SSH Server RCE Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH servers that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-32433, enables attackers to achieve unauthenticated remote code execution on affected systems, prompting its…
SAP June 2025 Patch Day – 14 Vulnerabilities Patched Across Multiple Products
SAP released its monthly Security Patch Day update addressing 14 critical vulnerabilities across multiple enterprise products. The comprehensive security update includes patches addressing critical authorization bypass issues and cross-site scripting vulnerabilities, with CVSS scores ranging from 3.0 to 9.6. Organizations…
Google Vulnerability Let Attackers Access Any Google User’s Phone Number
A critical security vulnerability in Google’s account recovery system allowed malicious actors to obtain the phone numbers of any Google user through a sophisticated brute-force attack, according to a disclosure by a BruteCat security researcher published this week. The vulnerability,…
Sensata Technologies Hit by Ransomware Attack – Operations Impacted
Sensata Technologies, Inc., a prominent industrial technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised the personal information of hundreds of individuals. The external system breach, classified as a hacking incident, occurred on March 28,…
Sophisticated Skitnet Malware Actively Adopted by Ransomware Gangs to Streamline Operations
Ransomware operators have increasingly turned to a sophisticated new malware tool called Skitnet, also known as “Bossnet,” to enhance their post-exploitation capabilities and evade traditional security measures. First emerging on underground cybercrime forums in April 2024, this multi-stage malware has…
Bitter Malware Using Custom-Developed Tools To Evade Detection In Sophisticated Attacks
A comprehensive analysis of the Bitter espionage group has revealed eight years of sustained cyber operations employing increasingly sophisticated custom-developed malware tools designed to evade detection while conducting intelligence gathering activities. The threat actor, also known as TA397, has demonstrated…
New Report Uncover That Chinese Hackers Attempted To Compromise SentinelOne’s Own Servers
Chinese state-sponsored hackers launched sophisticated reconnaissance operations against cybersecurity giant SentinelOne’s infrastructure in October 2024, representing part of a broader campaign targeting over 70 organizations worldwide. The previously undisclosed attacks, detailed in a comprehensive report released by SentinelLabs on June…
APT41 Hackers Using Google Calendar for Malware Command-and-Control To Attack Government Entities
A recent campaign by Chinese state-sponsored threat actor APT41 has unveiled a novel exploitation of Google Calendar for malware command-and-control (C2) operations, marking a significant escalation in cyberespionage tactics. The group, tracked under aliases including BARIUM and Brass Typhoon, targeted…
Google Warns of Cybercriminals Increasingly Attacking US Users to Steal Login Credentials
Google’s latest comprehensive survey reveals a concerning surge in cybercriminal activities targeting American users, with over 60% of U.S. consumers reporting a noticeable increase in scam attempts over the past year. The technology giant’s collaboration with Morning Consult has unveiled…
New DuplexSpy RAT Let Attackers Gain Complete Control of Windows Machine
Cybersecurity researchers have identified a sophisticated new remote access trojan called DuplexSpy RAT that enables attackers to establish comprehensive surveillance and control over Windows systems. This multifunctional malware represents a growing trend in modular, GUI-driven threats that significantly lower the…
New Blitz Malware Attacking Windows Servers to Deploy Monero Miner
A sophisticated new malware campaign has emerged targeting Windows systems through an elaborate social engineering scheme involving backdoored gaming software. The Blitz malware, first identified in late 2024 and evolving through 2025, represents a concerning trend of cybercriminals exploiting gaming…