
Critical SAP NetWeaver Vulnerability (CVE-2025-31324) Allows Unauthori...
Critical SAP NetWeaver Vulnerability (CVE-2025-31324) Allows Unauthorized Upload of Malicious Executables In a critical security alert, SAP has released an emergency patch for CVE-2025-31324 — a sever...

Blue Shield’s Google Analytics Error Exposes 4.7 Million Health Record...
Blue Shield’s Google Analytics Error Exposes 4.7 Million Health Records A recent data breach at Blue Shield of California has exposed sensitive health information of nearly 4.7 million individuals, hi...

GitLab Issues Security Patch in April 2025
GitLab Issues Security Patch in April 2025 GitLab has issued a new patch release covering versions 17.11.1, 17.10.5, and 17.9.7 for both the Community Edition (CE) and Enterprise Edition (EE), introdu...

Microsoft Entra Account Lockouts Explained (FAQ on the MACE Credential...
Microsoft Entra Account Lockouts Explained (FAQ on the MACE Credential Revocation Alerts) [Update] April 22, 2025: Microsoft Confirms Cause of Entra Account Lockouts Starting around April 19, system a...

FortiGate Devices Compromised by Stealthy Backdoor Technique
FortiGate Devices Compromised by Stealthy Backdoor Technique A backdoor discovered in Fortinet FortiGate devices has drawn attention due to its ability to persist even after patches are applied. The m...

TL;DR: MITRE CVE Program Funding Expiration – What CISOs Must Know
TL;DR: MITRE CVE Program Funding Expiration – What CISOs Must Know MITRE’s funding to manage the CVE program was reported to be expiring, triggering immediate alarm across the cybersecurity landscape....

BidenCash Dark Web Market Leaks Nearly One Million Credit Cards
BidenCash Dark Web Market Leaks Nearly One Million Credit Cards Nearly one million leaked credit cards have been exposed by the dark web market BidenCash in a newly launched campaign. Shared through c...

BreachForums is Offline: A New Twist or Just Another Cyber Shenanigan?
BreachForums is Offline: A New Twist or Just Another Cyber Shenanigan? [Update] April 28, 2025: “BreachForums Administration Finally Responds” [Update] April 25, 2025: “Is BreachForums Finished? Admin...

Critical Fortinet Vulnerability (CVE-2024-48887) Puts FortiSwitch Admi...
Critical Fortinet Vulnerability (CVE-2024-48887) Puts FortiSwitch Admin Credentials at Risk A newly disclosed critical vulnerability in Fortinet’s FortiSwitch product line is raising urgent security c...

April 2025 Patch Tuesday: Microsoft Addresses 126 Vulnerabilities Incl...
April 2025 Patch Tuesday: Microsoft Addresses 126 Vulnerabilities Including Actively Exploited CLFS Zero-Day Microsoft’s April 2025 Patch Tuesday brings an extensive set of updates aimed at shoring up...

April 2025 Android Update: Actively Exploited Kernel Bugs and Remote P...
April 2025 Android Update: Actively Exploited Kernel Bugs and Remote Privilege Escalation Threat Google has just released its April 2025 Android security bulletin, addressing a broad spectrum of vulne...

Storm-2372: Russian APT Using Device Code Phishing in Advanced Attacks
Storm-2372: Russian APT Using Device Code Phishing in Advanced Attacks A newly uncovered cyber campaign led by the Russian state-backed group Storm-2372 is exploiting device code phishing to bypass Mu...

UNC5221 Targets Critical Ivanti Flaw (CVE-2025-22457) with TRAILBLAZE ...
UNC5221 Targets Critical Ivanti Flaw (CVE-2025-22457) with TRAILBLAZE & BRUSHFIRE Malware A recently disclosed critical vulnerability in Ivanti products, CVE-2025-22457, has drawn urgent attention...

Everything You Need to Know About the Alleged Twilio SendGrid Breach
Everything You Need to Know About the Alleged Twilio SendGrid Breach [Update] April 9, 2025: “Alleged Breach Expands Beyond SendGrid” On April 3, 2025, a threat actor operating under the alias Satanic...

CrushFTP Vulnerability Under Active Exploitation (CVE-2025-31161): Wha...
CrushFTP Vulnerability Under Active Exploitation (CVE-2025-31161): What You Need to Know [Update] April 8, 2025: CISA Flags Actively Exploited CrushFTP Vulnerability (CVE-2025-31161) A newly discovere...

Alleged Check Point Breach: What Happened and What You Need to Know?
Alleged Check Point Breach: What Happened and What You Need to Know? [Update] April 2, 2025: “Latest Developments: Dissecting CoreInjection’s Claims and the Alleged Leak” On March 31, 2025, a threat a...

Mozilla Responds to Critical Vulnerability: Urgent Firefox Update
Mozilla Responds to Critical Vulnerability: Urgent Firefox Update In a rapid response to a similar vulnerability with Google Chrome, Mozilla has issued an update for its Firefox browser on Windows to ...

Ingress Nightmare: Critical Unauthenticated Remote Code Execution Vuln...
Ingress Nightmare: Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX On March 24, 2025, the Kubernetes Security Response Committee released a patch for a set of high to c...

Everything You Need to Know About Oracle Cloud Security Incident by ro...
Everything You Need to Know About Oracle Cloud Security Incident by rose87168 [Update] April 2, 2025: “What are the Recent Developments?” [Update] April 9, 2025: “Oracle has reportedly begun notifying...

Arkana Ransomware Attack on WideOpenWest: What You Need to Know
Arkana Ransomware Attack on WideOpenWest: What You Need to Know A previously unknown threat actor has launched its first ransomware attack, marking a worrisome new chapter in the cyber threat landscap...