HTTP/2 Bomb: How Default Configurations Open a New DoS Vector
Jun 04, 2026
Categories
Top Articles
CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day
Jun 03, 2026
Charter Data Breach: ShinyHunters Claims 42 Million Records Stolen on the Dark Web
May 29, 2026
April 2026: ShinyHunters Hits Medtronic and ADT as North Korean Hackers Drain DeFi Protocols
May 29, 2026
TrapDoor: Malicious npm, PyPI, Crates.io Packages Target Developer Secrets & AI Tooling
May 25, 2026
Dec 30, 2024
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Tho...
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Thousands – What You Need to Know [Update] January 2, 2025: “New Details on the Chrome Extension Phishing Attack” A significant cyber...
Learn More
Dec 27, 2024
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to...
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to Denial of Service (CVE-2024-3393) [Update] December 31, 2024: CVE-2024-3393 has been added to the CISA KEV catalog* Palo Alto Net...
Learn More
Dec 25, 2024
DarkVision RAT: A Persistent Threat Delivered via PureCrypter
DarkVision RAT: A Persistent Threat Delivered via PureCrypter The DarkVision RAT malware campaign leverages the PureCrypter loader to infiltrate networks and compromise data across multiple sectors. D...
Learn More
Dec 24, 2024
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-5396...
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-53961), Update Now A critical vulnerability in Adobe ColdFusion versions 2023 and 2021 has prompted urgent security updates. Alarmingl...
Learn More
Dec 20, 2024
BeyondTrust Security Incident — Command Injection and Escalation Weakn...
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) [Update] January 14, 2025: “CVE-2024-12686 Enters the KEV Catalog” BeyondTrust’s Privileged...
Learn More
Dec 20, 2024
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabi...
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) Recent security patches for Sophos Firewall address several serious vulner...
Learn More
Dec 19, 2024
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Exec...
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Execution; Next.js Auth Bypass (CVE-2024-51479) Fortinet and the popular React framework Next.js have recently addressed serious secur...
Learn More
Dec 19, 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024 As 2024 comes to a close, the global fight against cybercrime has witnessed a series of groundbreaking law enforcement operations ...
Learn More
Dec 16, 2024
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – ...
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – Cl0P’s Latest Attack Vector [Update] April 8, 2025: “WK Kellogg Confirms Data Breach Tied to Cleo Exploits” [Update] February 25,...
Learn More
Dec 14, 2024
BadBox Malware Compromises 30,000 Devices in Germany
BadBox Malware Compromises 30,000 Devices in Germany The German Federal Office for Information Security (BSI) has taken decisive action to stop the BadBox malware campaign, which affected over 30,000 ...
Learn More
Dec 12, 2024
Major Cyber Attacks in Review: November 2024
Major Cyber Attacks in Review: November 2024 November 2024 brought several high-profile cyber attacks that targeted critical sectors, including telecommunications, supply chain management, and healthc...
Learn More
Dec 11, 2024
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Oth...
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Other High-Impact Flaws Ivanti recently released critical security updates to address several high-impact vulnerabilities in its prod...
Learn More
Dec 11, 2024
Cryptojacking Campaign Targets Docker and Kubernetes: Surge in Contain...
Cryptojacking Campaign Targets Docker and Kubernetes: Surge in Container-Based Attacks A recent surge in cryptojacking campaigns has targeted unsecured Docker and Kubernetes environments, exploiting m...
Learn More
Dec 11, 2024
December 2024 Patch Tuesday Update – One Actively Exploited Zero-Day, ...
December 2024 Patch Tuesday Update – One Actively Exploited Zero-Day, Multiple Critical RCEs; SAP Updates [Update] January 2, 2025: “PoC Exploit Available for Critical CVE-2024-49112 “LDAP Nightmare” ...
Learn More
Dec 10, 2024
Termite Ransomware Attack on Blue Yonder: What You Need to Know
Termite Ransomware Attack on Blue Yonder: What You Need to Know In late November 2024, Blue Yonder, a critical provider of supply chain management solutions, fell victim to a ransomware attack attribu...
Learn More
Dec 10, 2024
OpenWrt’s Attended SysUpgrade (ASU) Vulnerability Exposes Routers to M...
OpenWrt’s Attended SysUpgrade (ASU) Vulnerability Exposes Routers to Malicious Firmware Attacks OpenWrt, a popular open-source Linux-based embedded operating system, recently discovered a critical vul...
Learn More
Dec 06, 2024
Mitel MiCollab PoC Exploit Links CVE-2024-41713 and Zero-Day, Exposing...
Mitel MiCollab PoC Exploit Links CVE-2024-41713 and Zero-Day, Exposing Sensitive Files [Update] January 8, 2025: “CISA Adds Mitel MiCollab Vulnerabilities to KEV Catalog” Cyberattacks targeting VoIP ...
Learn More
Dec 06, 2024
Manson Market Takedown: Europol Aids Law Enforcement Operation to Disr...
Manson Market Takedown: Europol Aids Law Enforcement Operation to Disrupt Online Fraud The digital age has opened the way for increasingly sophisticated cybercriminal networks. These groups target ind...
Learn More
Dec 05, 2024
How Tariffs Impact Supply Chain Security and Strategies to Mitigate Ri...
How Tariffs Impact Supply Chain Security and Strategies to Mitigate Risks Recent announcements regarding new tariffs on China, Mexico, and Canada highlight a looming shift in global trade dynamics. Wi...
Learn More
Dec 04, 2024
Veeam Service Provider Console (VSPC) Users Urged to Patch CVE-2024-42...
Veeam Service Provider Console (VSPC) Users Urged to Patch CVE-2024-42448 and CVE-2024-42449 Veeam has recently released patches addressing two serious security vulnerabilities in its Service Provider...
Learn More
