
Storm-2372: Russian APT Using Device Code Phishing in Advanced Attacks
Storm-2372: Russian APT Using Device Code Phishing in Advanced Attacks A newly uncovered cyber campaign led by the Russian state-backed group Storm-2372 is exploiting device code phishing to bypass Mu...

UNC5221 Targets Critical Ivanti Flaw (CVE-2025-22457) with TRAILBLAZE ...
UNC5221 Targets Critical Ivanti Flaw (CVE-2025-22457) with TRAILBLAZE & BRUSHFIRE Malware A recently disclosed critical vulnerability in Ivanti products, CVE-2025-22457, has drawn urgent attention...

Everything You Need to Know About the Alleged Twilio SendGrid Breach
Everything You Need to Know About the Alleged Twilio SendGrid Breach On April 3, 2025, a threat actor operating under the alias Satanic announced on BreachForums that they were in possession of a sign...

CrushFTP Vulnerability Under Active Exploitation (CVE-2025-31161): Wha...
CrushFTP Vulnerability Under Active Exploitation (CVE-2025-31161): What You Need to Know A newly discovered flaw in the CrushFTP file transfer platform is under active exploitation, with threat actors...

Alleged Check Point Breach: What Happened and What You Need to Know?
Alleged Check Point Breach: What Happened and What You Need to Know? [Update] April 2, 2025: “Latest Developments: Dissecting CoreInjection’s Claims and the Alleged Leak” On March 31, 2025, a threat a...

Mozilla Responds to Critical Vulnerability: Urgent Firefox Update
Mozilla Responds to Critical Vulnerability: Urgent Firefox Update In a rapid response to a similar vulnerability with Google Chrome, Mozilla has issued an update for its Firefox browser on Windows to ...

Ingress Nightmare: Critical Unauthenticated Remote Code Execution Vuln...
Ingress Nightmare: Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX On March 24, 2025, the Kubernetes Security Response Committee released a patch for a set of high to c...

Everything You Need to Know About Oracle Cloud Security Incident by ro...
Everything You Need to Know About Oracle Cloud Security Incident by rose87168 [Update] April 2, 2025: “What are the Recent Developments?” rose87168 is the alias of a hacker who claims to have breached...

Arkana Ransomware Attack on WideOpenWest: What You Need to Know
Arkana Ransomware Attack on WideOpenWest: What You Need to Know A previously unknown threat actor has launched its first ransomware attack, marking a worrisome new chapter in the cyber threat landscap...

Next.js Middleware Vulnerability (CVE-2025-29927): What You Need to Kn...
Next.js Middleware Vulnerability (CVE-2025-29927): What You Need to Know and How to Respond A critical security flaw has recently shaken the Next.js ecosystem, bringing urgent attention to the framewo...

Critical Veeam Vulnerability (CVE-2025-23120) Enables Remote Code Exec...
Critical Veeam Vulnerability (CVE-2025-23120) Enables Remote Code Execution by Domain Users A newly discovered vulnerability in Veeam Backup & Replication, tracked as CVE-2025-23120, has emerged a...

Windows Shortcut Zero-Day (ZDI-CAN-25373) Exploited by State-Backed Th...
Windows Shortcut Zero-Day (ZDI-CAN-25373) Exploited by State-Backed Threat Actors Since 2017: Overview of Key Details A sophisticated zero-day vulnerability, ZDI-CAN-25373, has been secretly exploited...

Apache Tomcat RCE Vulnerability (CVE-2025-24813) Under Active Exploita...
Apache Tomcat RCE Vulnerability (CVE-2025-24813) Under Active Exploitation: Patch Now A serious vulnerability in Apache Tomcat, CVE-2025-24813, is being actively exploited in the wild. This flaw allow...

Major Cyber Attacks in Review: February 2025
Major Cyber Attacks in Review: February 2025 In February 2025, several major cyber incidents demonstrated ongoing threats to industries worldwide. The Qilin ransomware attack disrupted operations at L...

Exploring MegaMedusa: The Streamlined DDoS Tool
Exploring MegaMedusa: The Streamlined DDoS Tool Distributed Denial of Service (DDoS) attacks continue to pose significant challenges in cybersecurity. Tools like MegaMedusa have made it easier for ind...

GitLab Security Update: Critical Authentication & RCE Flaws Demand Imm...
GitLab Security Update: Critical Authentication & RCE Flaws Demand Immediate Action Cybersecurity threats continue to evolve, and organizations relying on GitLab for code hosting, collaboration, a...

March 2025 Patch Tuesday: Microsoft Fixes 6 Critical & 6 Exploited Sec...
March 2025 Patch Tuesday: Microsoft Fixes 6 Critical & 6 Exploited Security Vulnerabilities Microsoft has released its highly anticipated March 2025 Patch Tuesday update, tackling a staggering 57 ...

X Faces Cyberattack: Dark Storm Team Takes Credit, Musk Blames Ukraine
X Faces Cyberattack: Dark Storm Team Takes Credit, Musk Blames Ukraine Yesterday, X (formerly Twitter) allegedly suffered a large-scale cyberattack, causing widespread outages. While Elon Musk claimed...

Critical Kibana Vulnerability (CVE-2025-25012) Exposes Systems to Code...
Critical Kibana Vulnerability (CVE-2025-25012) Exposes Systems to Code Execution, Patch Now A critical security vulnerability has been discovered in Kibana, the widely used data visualization platform...

VMware Security Alert: Active Exploitation of Zero-Day Vulnerabilities...
VMware Security Alert: Active Exploitation of Zero-Day Vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) [Update] March 7, 2025: “37,000 VMware ESXi Servers Still Vulnerable t...