
Critical Veeam Vulnerability (CVE-2025-23120) Enables Remote Code Exec...
Critical Veeam Vulnerability (CVE-2025-23120) Enables Remote Code Execution by Domain Users A newly discovered vulnerability in Veeam Backup & Replication, tracked as CVE-2025-23120, has emerged a...

Dark Web Profile: FSociety (Flocker) Ransomware
Dark Web Profile: FSociety (Flocker) Ransomware FSociety or Flocker ransomware, discovered in 2024, is a relatively new strain operating as Ransomware-as-a-Service (RaaS), enabling cybercriminals to e...

Windows Shortcut Zero-Day (ZDI-CAN-25373) Exploited by State-Backed Th...
Windows Shortcut Zero-Day (ZDI-CAN-25373) Exploited by State-Backed Threat Actors Since 2017: Overview of Key Details A sophisticated zero-day vulnerability, ZDI-CAN-25373, has been secretly exploited...

Apache Tomcat RCE Vulnerability (CVE-2025-24813) Under Active Exploita...
Apache Tomcat RCE Vulnerability (CVE-2025-24813) Under Active Exploitation: Patch Now A serious vulnerability in Apache Tomcat, CVE-2025-24813, is being actively exploited in the wild. This flaw allow...

Major Cyber Attacks in Review: February 2025
Major Cyber Attacks in Review: February 2025 In February 2025, several major cyber incidents demonstrated ongoing threats to industries worldwide. The Qilin ransomware attack disrupted operations at L...

AUTOSUR Breach, FiveM Database Leak, Disney+ Account Checker, Crypto L...
AUTOSUR Breach, FiveM Database Leak, Disney+ Account Checker, Crypto Leads & Forex Scams Exposed Cybercriminals continue to target industries worldwide, with SOCRadar’s Dark Web Team uncovering a ...

Exploring MegaMedusa: The Streamlined DDoS Tool
Exploring MegaMedusa: The Streamlined DDoS Tool Distributed Denial of Service (DDoS) attacks continue to pose significant challenges in cybersecurity. Tools like MegaMedusa have made it easier for ind...

Major Cyber Attacks Targeting the Finance Industry
Major Cyber Attacks Targeting the Finance Industry The finance industry is an attractive target for cybercriminals due to the large amounts of sensitive data and financial assets at stake. Over the pa...

GitLab Security Update: Critical Authentication & RCE Flaws Demand Imm...
GitLab Security Update: Critical Authentication & RCE Flaws Demand Immediate Action Cybersecurity threats continue to evolve, and organizations relying on GitLab for code hosting, collaboration, a...

March 2025 Patch Tuesday: Microsoft Fixes 6 Critical & 6 Exploited Sec...
March 2025 Patch Tuesday: Microsoft Fixes 6 Critical & 6 Exploited Security Vulnerabilities Microsoft has released its highly anticipated March 2025 Patch Tuesday update, tackling a staggering 57 ...

Top 20 Free APIs for Cybersecurity: Threat Intelligence, Malware Analy...
Top 20 Free APIs for Cybersecurity: Threat Intelligence, Malware Analysis & More APIs matter because they serve as the glue that connects different software applications, enabling seamless communi...

X Faces Cyberattack: Dark Storm Team Takes Credit, Musk Blames Ukraine
X Faces Cyberattack: Dark Storm Team Takes Credit, Musk Blames Ukraine Yesterday, X (formerly Twitter) allegedly suffered a large-scale cyberattack, causing widespread outages. While Elon Musk claimed...

Top 20 Cybersecurity Conferences and Events to Attend in 2025
Top 20 Cybersecurity Conferences and Events to Attend in 2025 As cyber threats become more complex, staying updated on the latest security trends is more critical than ever. Attending top cybersecurit...

New Bank Log Service, TP-Link Zero-Day, Wizz Air Data Leak, and D2C Fr...
New Bank Log Service, TP-Link Zero-Day, Wizz Air Data Leak, and D2C Fraud Scheme Hacker forums continue to see a high level of cybercriminal activity, and this week, SOCRadar’s Dark Web Team dis...

Dark Web Profile: APT35
Dark Web Profile: APT35 APT35, also known as Charming Kitten, Phosphorus, Mint Sandstorm, and many other names, is an Iranian state-sponsored cyberwarfare group classified as an advanced persistent th...

Securing Your Browser Against Cross-Site Scripting (XSS) Attacks
Securing Your Browser Against Cross-Site Scripting (XSS) Attacks Cross-site scripting (XSS) is one of the most common web security vulnerabilities. Despite the fact that it is not frequently exploited...

Dark Peep #18: If It’s Easy for You, It’s Easy for Hackers
Dark Peep #18: If It’s Easy for You, It’s Easy for Hackers Some dark web stories are scary, some are shocking, and then there are the ones that make you go “Wait… what?” This is one of those. In this ...

Top 10 AI Deepfake Detection Tools to Combat Digital Deception in 2025
Top 10 AI Deepfake Detection Tools to Combat Digital Deception in 2025 Deepfake technology has advanced to the point where distinguishing real content from AI-generated media is becoming increasingly ...

Critical Kibana Vulnerability (CVE-2025-25012) Exposes Systems to Code...
Critical Kibana Vulnerability (CVE-2025-25012) Exposes Systems to Code Execution, Patch Now A critical security vulnerability has been discovered in Kibana, the widely used data visualization platform...

VMware Security Alert: Active Exploitation of Zero-Day Vulnerabilities...
VMware Security Alert: Active Exploitation of Zero-Day Vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) [Update] March 7, 2025: “37,000 VMware ESXi Servers Still Vulnerable t...