BreachForums Seized (Yes, Again)
BreachForums Seized (Yes, Again) The U.S. Department of Justice, FBI, and France’s BL2C cybercrime unit, with support from the Paris Prosecutor’s Office, have seized the latest BreachForums domain, ma...
Discord Breach: What We Know So Far?
Discord Breach: What We Know So Far? Discord confirmed a data breach linked to a third-party customer support vendor. Hackers claim to have stolen data from 5.5 million users, including government IDs...
Redis RediShell Vulnerability (CVE-2025-49844): What You Need to Know
Redis RediShell Vulnerability (CVE-2025-49844): What You Need to Know When one of the most widely used databases in the cloud world turns out to have a critical flaw, it’s worth paying attention. Redi...
CVE-2025-61882: Oracle E-Business Suite Exploited – What You Need to K...
CVE-2025-61882: Oracle E-Business Suite Exploited – What You Need to Know Recently, Oracle confirmed a critical zero-day vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61882. The ...
Fake Microsoft Teams Installers Deliver Oyster Backdoor
Fake Microsoft Teams Installers Deliver Oyster Backdoor Malicious ads and SEO poisoning are still good ways to get into someone’s computer. A recent campaign shows this again by getting people to down...
Red Hat Breach: Crimson Collective Claims Massive Theft of Private Rep...
Red Hat Breach: Crimson Collective Claims Massive Theft of Private Repositories [Update] October 14, 2025: Crimson Collective Advertises Stolen Red Hat Data for Sale [Update] October 7, 2025: Crimson...
CVE-2025-32463: Sudo Privilege Escalation Vulnerability Exploited, CIS...
CVE-2025-32463: Sudo Privilege Escalation Vulnerability Exploited, CISA Warns The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that attackers are actively exploiting CVE-...
VMware CVE-2025-41244 Exploited: What You Need to Know About the Lates...
VMware CVE-2025-41244 Exploited: What You Need to Know About the Latest Flaws [Update] VMware Aria Operations & Tools Vulnerability (CVE-2025-41244) Added to CISA KEV Cybersecurity researchers hav...
Cisco ASA, FTD Devices Under Active Attack via Zero-Days CVE-2025-2033...
Cisco ASA, FTD Devices Under Active Attack via Zero-Days CVE-2025-20333 & CVE-2025-20362 A newly disclosed wave of zero-day attacks is targeting Cisco firewall products, raising urgent concerns fo...
CVE-2025-20352: Zero-Day in Cisco IOS & IOS XE SNMP Exploited, Allows ...
CVE-2025-20352: Zero-Day in Cisco IOS & IOS XE SNMP Exploited, Allows DoS and Root RCE [Update] Attackers Exploit CVE-2025-20352 to Deploy Rootkits in Operation Zero Disco [Update] CVE-2025-20352...
CVE-2025-26399: Critical RCE in SolarWinds Web Help Desk Receives a Ho...
CVE-2025-26399: Critical RCE in SolarWinds Web Help Desk Receives a Hotfix Another critical security vulnerability has emerged in SolarWinds’ widely used Web Help Desk software. Marked with a near-max...
CVE-2025-10035: Critical GoAnywhere MFT Vulnerability Could Lead to Co...
CVE-2025-10035: Critical GoAnywhere MFT Vulnerability Could Lead to Command Injection [Update] October 7, 2025: Added details on active exploitation of CVE-2025-10035 by Storm-1175 to deploy Medusa ra...
Heathrow Airport Cyberattack: What Happened, Who's Affected, and What ...
Heathrow Airport Cyberattack: What Happened, Who’s Affected, and What CISOs Should Know [Update] October 22, 2025: Everest Group Claims Responsibility and Shares Alleged Proof of Collins Aerospace Bre...
CVE-2025-10585: New Chrome V8 Zero-Day Exploited in the Wild
CVE-2025-10585: New Chrome V8 Zero-Day Exploited in the Wild Google has released a security update for Chrome users, involving a serious vulnerability that is exploited in the wild. The flaw, identifi...
Shai-Hulud npm Supply Chain Attack: What You Need to Know
Shai-Hulud npm Supply Chain Attack: What You Need to Know In September 2025, the open-source ecosystem experienced a significant threat: the Shai-Hulud npm supply chain attack. Malicious packages were...
August 2025: SaaS Supply Chain Breaches, Telecom Data Exposures, and R...
August 2025: SaaS Supply Chain Breaches, Telecom Data Exposures, and Ransomware Campaigns August 2025 saw a wave of high-impact cyber incidents affecting millions worldwide. SaaS supply chain threats ...
RCE Risk in Cursor AI Code Editor When Opening Folders
RCE Risk in Cursor AI Code Editor When Opening Folders Imagine opening a code project and instantly triggering a background script without touching a key or clicking “run.” That’s not a feature. That’...
FinalDraft Malware: The Stealthy Threat Using Microsoft Services
FinalDraft Malware: The Stealthy Threat Using Microsoft Services Designed for covert, long-term espionage, FinalDraft malware masterfully blends into legitimate Microsoft services to avoid detection, ...
September 2025 Patch Tuesday: 2 Zero-Days (CVE-2025-55234 & CVE-2024-2...
September 2025 Patch Tuesday: 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907), 81 Microsoft Flaws Microsoft has released its September 2025 Patch Tuesday updates, addressing 81 vulnerabilities acros...
Massive npm Supply Chain Attack Exposes Millions to Crypto-Stealing Ma...
Massive npm Supply Chain Attack Exposes Millions to Crypto-Stealing Malware Yesterday, researchers issued a warning about a major npm supply chain attack that has disrupted the JavaScript ecosystem. A...