ToolShell Campaign: New SharePoint Zero-Day (CVE-2025-53770) Triggers ...
ToolShell Campaign: New SharePoint Zero-Day (CVE-2025-53770) Triggers Widespread Exploitation [Update] October 23, 2025: Broader Exploitation of ToolShell Vulnerability by Chinese Threat Actors [Updat...
CVE‑2025‑37103: Remote Access Risk in Aruba Instant On Access Points D...
CVE‑2025‑37103: Remote Access Risk in Aruba Instant On Access Points Due to Hardcoded Passwords HPE has disclosed a critical vulnerability in Aruba Instant On access points. The flaw involves a hardco...
CVE-2025-54309: New CrushFTP Zero-Day Exploited in the Wild
CVE-2025-54309: New CrushFTP Zero-Day Exploited in the Wild [Update] “Exploit Details and PoC for CVE-2025-54309 Released” A zero-day vulnerability in CrushFTP, tracked as CVE-2025-54309, is under act...
CVE-2025-25257: Attackers Exploit FortiWeb SQL Injection Bug for Remot...
CVE-2025-25257: Attackers Exploit FortiWeb SQL Injection Bug for Remote Code Execution Cybersecurity researchers have sounded the alarm on an actively exploited vulnerability, tracked as CVE-2025-2525...
Cisco ISE Hit by CVSS 10 RCE Vulnerabilities Allowing Full System Take...
Cisco ISE Hit by CVSS 10 RCE Vulnerabilities Allowing Full System Takeover – Patch Now On July 16, Cisco published multiple security advisories disclosing a total of nine vulnerabilities across severa...
Operation Eastwood Targets NoName057(16) in Global Crackdown
Operation Eastwood Targets NoName057(16) in Global Crackdown An international effort, Operation Eastwood, has recently delivered a decisive blow to one of the most active pro-Russian cybercrime groups...
MITRE Launches AADAPT Framework to Secure Digital Assets
MITRE Launches New AADAPT Framework to Secure Digital Assets Threats to the foundations of the digital finance ecosystem are growing at a rapid pace. From cryptocurrency to smart contracts, vulnerabil...
CVE-2025-47812: Wing FTP Server Exposed to Root-Level RCE Attacks
CVE-2025-47812: Wing FTP Server Exposed to Root-Level RCE Attacks Wing FTP Server has been found vulnerable to a severe security flaw that is now under active exploitation. Identified as CVE-2025-4781...
July 2025 Patch Tuesday Overview: 130 Vulnerabilities & One Disclosed ...
July 2025 Patch Tuesday Overview: 130 Vulnerabilities & One Disclosed Zero-Day (CVE-2025-49719) Microsoft’s July 2025 Patch Tuesday brings fixes for 130 security vulnerabilities across its product...
CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access
CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access A newly discovered vulnerability in Cisco’s Unified Communications Manager platforms has drawn significant attention. Tracked as CVE-20...
CVE-2025-49596: Critical Flaw in Anthropic’s MCP Inspector Leads to RC...
CVE-2025-49596: Critical Flaw in Anthropic’s MCP Inspector Leads to RCE A critical vulnerability recently uncovered in Anthropic’s MCP Inspector has raised alarms across the AI developer landscape. An...
CVE-2025-6554: Chrome’s New Zero-Day Under Active Exploitation
CVE-2025-6554: Chrome’s New Zero-Day Under Active Exploitation A high-severity security flaw in Google Chrome is under active exploitation, prompting an urgent response. Identified as CVE-2025-6554, t...
How Are North Korean IT Workers Hacking the Global Remote Job Market?
How Are North Korean IT Workers Hacking the Global Remote Job Market? North Korean threat actors are no longer just building malware or running phishing campaigns. They are quietly infiltrating compan...
CVE-2025-20281 & CVE-2025-20282: Critical Cisco ISE Vulnerabilities Al...
CVE-2025-20281 & CVE-2025-20282: Critical Cisco ISE Vulnerabilities Allow Root-Level RCE [Update] July 29, 2025: “Exploit Released, Actively Used in the Wild” A new security advisory has unveiled ...
CVE-2025-5777 (CitrixBleed 2) Exposes NetScaler Gateway Devices to Rem...
CVE-2025-5777 (CitrixBleed 2) Exposes NetScaler Gateway Devices to Remote Exploitation [Update] July 3, 2026: “Ransomware Affiliates Reportedly Exploiting CitrixBleed 2 for Initial Access” [Update] Ju...
Aflac Hit by Cyberattack: What You Need to Know About the Breach
Aflac Hit by Cyberattack: What You Need to Know About the Breach In a troubling development for the insurance sector, Aflac has publicly disclosed a significant cybersecurity breach, confirming that s...
16 Billion Password Leak, Not New, Still Dangerous: What You Need to K...
16 Billion Password Leak, Not New, Still Dangerous: What You Need to Know? A recent headline from Cybernews made waves online. It claimed that over 16 billion credentials had been “leaked” in what som...
CVE-2025-5309: RCE in BeyondTrust Chat Feature Affects Remote Support ...
CVE-2025-5309: RCE in BeyondTrust Chat Feature Affects Remote Support and PRA A recently disclosed security flaw in BeyondTrust’s Remote Support and Privileged Remote Access products has drawn attenti...
How CVE-2025-6018 and CVE-2025-6019 Enable Full Root Access on Linux
How CVE-2025-6018 and CVE-2025-6019 Enable Full Root Access on Linux Two newly uncovered Local Privilege Escalation (LPE) vulnerabilities, CVE-2025-6018 and CVE-2025-6019, could allow attackers to cha...
CVE-2025-3248 in Langflow Exploited to Deploy Flodrix Botnet
CVE-2025-3248 in Langflow Exploited to Deploy Flodrix Botnet An alarming new chapter has emerged in the exploitation of CVE-2025-3248, a critical vulnerability affecting Langflow – a widely used frame...