Cyber threat intelligence (CTI) is the practice of collecting, analyzing, and transforming data about cyber threats into actionable insights to protect organizations. For Chief Information Security Officers (CISOs), understanding and leveraging threat intelligence is crucial to safeguarding organizational assets and…
Tag: Cyber Security News
Android Security Update – Patch for Vulnerabilities that Allows Privilege Escalation
Google has released a comprehensive security update for Android devices addressing multiple high-severity vulnerabilities that could allow privilege escalation and remote code execution. The update targets critical flaws across major hardware vendors, including Arm, Imagination Technologies, and Qualcomm, with many…
New Safari XSS Flaw Leverages JavaScript Error Handling to Execute Arbitrary Code
A new cross-site scripting (XSS) vulnerability in Safari that exploits the browser’s TypeError exception handling mechanism to execute arbitrary JavaScript code. The flaw, discovered during Gareth Heyes research into payload concealment techniques, demonstrates how Safari’s improper handling of quote escaping…
Aembit Expands Workload IAM to Microsoft Ecosystem, Enhancing Hybrid Security for Non-Human Identities
Aembit, the workload identity and access management (IAM) company, today announced a major expansion of its platform to support Microsoft environments. With this launch, enterprises can now enforce secure, policy-based access for software workloads and agentic AI running on Windows…
Microsoft Edge for Android Adds InPrivate Tab Locking with PIN & Bio Authentication
Microsoft Edge for Android is rolling out an enhanced privacy feature that allows users to secure their InPrivate browsing sessions with PIN codes or biometric authentication when switching away from the app, bringing the browser in line with similar functionality…
Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript
A sophisticated cryptocurrency theft campaign has emerged on the npm package registry, targeting developers and cryptocurrency users through malicious packages designed to drain Ethereum and Binance Smart Chain wallets. The attack leverages heavily obfuscated JavaScript code to steal up to…
Beware of Fake Booking.com Sites That Infects Your Devices With AsyncRAT
Cybercriminals have launched a sophisticated campaign targeting travelers through fake Booking.com websites that deploy AsyncRAT malware, according to recent security research. The threat actors redirect users from gaming sites, social media platforms, and sponsored advertisements to convincing replica booking sites…
Splunk Universal Forwarder on Windows Lets Non-Admin Users Access All Contents
A high-severity vulnerability was uncovered in Splunk Universal Forwarder for Windows that compromises directory access controls. The flaw, designated CVE-2025-20298 with a CVSSv3.1 score of 8.0, affects multiple versions of the software and poses significant security risks to enterprise environments…
SolarWinds Dameware Remote Control Service Vulnerability Allows Privilege Escalation
A significant vulnerability, CVE-2025-26396, affects the SolarWinds Dameware Mini Remote Control Service could allow attackers to escalate privileges on affected systems. Security researcher Alexander Pudwill, working with Trend Micro Zero Day Initiative, responsibly disclosed the flaw to SolarWinds. In a…
Threat Actors Seeking to Bypass PerimeterX CAPTCHA to Create a Microsoft Account Automatically
Underground cybercriminal forums have recently witnessed a solicitation seeking developers capable of bypassing PerimeterX (PX) CAPTCHA protection systems, specifically targeting Microsoft’s account registration infrastructure. The threat actor is offering $1,500 USD for a working solution to circumvent the “hold CAPTCHA”…
New Lyrix Ransomware Attacking Windows Users With New Evasion Tactics
A sophisticated new ransomware strain dubbed “Lyrix” has emerged in the cyberthreat landscape, targeting Windows systems with an arsenal of advanced evasion techniques that have caught the attention of security researchers worldwide. The malware represents a significant evolution in ransomware…
New ModSecurity WAF Vulnerability Let Attackers Crash the System
A significant denial of service vulnerability has been discovered in ModSecurity, one of the most widely deployed open-source web application firewall (WAF) engines used to protect Apache, IIS, and Nginx web servers. The vulnerability, designated as CVE-2025-48866, affects all ModSecurity…
Microsoft and CrowdStrike Teaming Up to Bring Clarity To Threat Actor Mapping
Microsoft and CrowdStrike announced a groundbreaking collaboration yesterday to streamline the confusing landscape of cyberthreat actor identification, marking what industry experts are calling a watershed moment for cybersecurity intelligence sharing. The partnership addresses a critical challenge that has long plagued…
Multiple HPE StoreOnce Vulnerabilities Let Attackers Execute Malicious Code Remotely
Multiple security vulnerabilities in Hewlett-Packard Enterprise (HPE) StoreOnce software platform that could allow remote attackers to execute malicious code, bypass authentication mechanisms, and access sensitive enterprise data. The vulnerabilities affect HPE StoreOnce VSA versions prior to 4.3.11 and present significant…
Splunk Enterprise XSS Vulnerability Let Attackers Execute Unauthorized JavaScript Code
A significant security vulnerability in the Splunk Enterprise platform could allow low-privileged attackers to execute unauthorized JavaScript code through a reflected Cross-Site Scripting (XSS) flaw. The vulnerability, tracked as CVE-2025-20297, affects multiple versions of Splunk Enterprise and Splunk Cloud Platform,…
Hackers Exploit AI Tools Misconfiguration To Run Malicious AI-generated Payloads
Cybercriminals are increasingly leveraging misconfigured artificial intelligence tools to execute sophisticated attacks that generate and deploy malicious payloads automatically, marking a concerning evolution in threat actor capabilities. This emerging attack vector combines traditional configuration vulnerabilities with the power of AI-driven…
SentinelOne Global Service Outage Root Cause Revealed
Cybersecurity company SentinelOne has released a comprehensive root cause analysis revealing that a software flaw in an infrastructure control system caused the global service disruption that affected customers worldwide on May 29, 2025. The outage, which lasted approximately 20 hours,…
Google Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code
Google has released an emergency security update for Chrome after confirming that a critical zero-day vulnerability is being actively exploited by attackers in the wild. The vulnerability, tracked as CVE-2025-5419, allows threat actors to execute arbitrary code on victims’ systems…
Future of Passwords Biometrics and Passwordless Authentication
The digital authentication landscape is dramatically transforming as passwordless technologies gain unprecedented momentum. Passkey adoption surging 400% in 2024 alone. Despite predictions that passwords will become obsolete, emerging evidence suggests the future lies not in their complete elimination but in…
Ransomware Negotiation When and How to Engage Attackers
As ransomware attacks devastate organizations globally, many companies are turning to professional negotiators to engage directly with cybercriminals, despite strong government opposition to paying ransoms. This emerging practice has sparked intense debate about when negotiation becomes necessary and how organizations…