Critical Kibana Vulnerability (CVE-2025-25012) Exposes Systems to Code Execution, Patch Now
Mar 06, 2025
Categories
Top Articles
VMware Security Alert: Active Exploitation of Zero-Day Vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226)
Mar 05, 2025
23 Billion Rows of Stolen Records: What You Need to Know?
Feb 26, 2025
Security Alert: Critical Flaws in MITRE Caldera and Parallels Desktop (CVE-2025-27364, CVE-2024-34331)
Feb 25, 2025
Black Basta’s Internal Chats Leak: Everything You Need to Know
Feb 21, 2025
Jan 06, 2025
Black Basta’s Tactical Evolution: Deploying Zbot, DarkGate, and Bespok...
Black Basta’s Tactical Evolution: Deploying Zbot, DarkGate, and Bespoke Malware In the ever-escalating landscape of cyber threats, Black Basta has emerged as a formidable ransomware group, continually...
Learn More
Jan 03, 2025
Cerberus Unchained: The Multi-Stage Trojan Banking Campaign Targeting ...
Cerberus Unchained: The Multi-Stage Trojan Banking Campaign Targeting Android Devices The Cerberus Android banking trojan has reemerged in a sophisticated multi-stage attack campaign targeting banking...
Learn More
Jan 03, 2025
The WarmCookie Malware Campaign: A Sneaky Threat Posed by Fake Browser...
The WarmCookie Malware Campaign: A Sneaky Threat Posed by Fake Browser Updates The WarmCookie malware campaign poses a significant threat by deceiving users into downloading malicious software under t...
Learn More
Jan 02, 2025
Critical Vulnerabilities in Progress WhatsUp Gold (CVE-2024-12108, CVE...
Critical Vulnerabilities in Progress WhatsUp Gold (CVE-2024-12108, CVE-2024-12106); PoC Available for Oracle WebLogic Flaw Three severe vulnerabilities have recently been uncovered in WhatsUp Gold, a ...
Learn More
Dec 31, 2024
ClickFix Campaign: Fake Google Meet Alerts Spread Malware Across Windo...
ClickFix Campaign: Fake Google Meet Alerts Spread Malware Across Windows and macOS The ClickFix campaign represents a sophisticated use of social engineering to deploy malware across both Windows and ...
Learn More
Dec 31, 2024
Water Makara Campaign: A Sophisticated Spear-Phishing Attack on Brazil...
Water Makara Campaign: A Sophisticated Spear-Phishing Attack on Brazilian Enterprises The Water Makara campaign is a highly sophisticated spear-phishing attack aimed specifically at Brazilian organiza...
Learn More
Dec 31, 2024
Chinese State-Sponsored Threat Actors Breach U.S. Treasury Department ...
Chinese State-Sponsored Threat Actors Breach U.S. Treasury Department in Major Cybersecurity Incident [Update] January 7, 2025: “CISA Provides Update on U.S. Treasury Breach” Chinese state-sponsored ...
Learn More
Dec 31, 2024
Four-Faith Routers Exploited Through CVE-2024-12856 Vulnerability
Four-Faith Routers Exploited Through CVE-2024-12856 Vulnerability A newly discovered vulnerability, tracked as CVE-2024-12856, is actively being exploited in Four-Faith routers. This vulnerability all...
Learn More
Dec 30, 2024
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Tho...
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Thousands – What You Need to Know [Update] January 2, 2025: “New Details on the Chrome Extension Phishing Attack” A significant cyber...
Learn More
Dec 27, 2024
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to...
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to Denial of Service (CVE-2024-3393) [Update] December 31, 2024: CVE-2024-3393 has been added to the CISA KEV catalog* Palo Alto Net...
Learn More
Dec 25, 2024
DarkVision RAT: A Persistent Threat Delivered via PureCrypter
DarkVision RAT: A Persistent Threat Delivered via PureCrypter The DarkVision RAT malware campaign leverages the PureCrypter loader to infiltrate networks and compromise data across multiple sectors. D...
Learn More
Dec 24, 2024
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-5396...
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-53961), Update Now A critical vulnerability in Adobe ColdFusion versions 2023 and 2021 has prompted urgent security updates. Alarmingl...
Learn More
Dec 20, 2024
BeyondTrust Security Incident — Command Injection and Escalation Weakn...
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) [Update] January 14, 2025: “CVE-2024-12686 Enters the KEV Catalog” BeyondTrust’...
Learn More
Dec 20, 2024
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabi...
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) Recent security patches for Sophos Firewall address several serious vulner...
Learn More
Dec 19, 2024
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Exec...
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Execution; Next.js Auth Bypass (CVE-2024-51479) Fortinet and the popular React framework Next.js have recently addressed serious secur...
Learn More
Dec 19, 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024 As 2024 comes to a close, the global fight against cybercrime has witnessed a series of groundbreaking law enforcement operations ...
Learn More
Dec 16, 2024
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – ...
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – Cl0P’s Latest Attack Vector [Update] February 25, 2025: “Cl0p Ransomware Expands Its Victim List with 183 Additional Organiz...
Learn More
Dec 14, 2024
BadBox Malware Compromises 30,000 Devices in Germany
BadBox Malware Compromises 30,000 Devices in Germany The German Federal Office for Information Security (BSI) has taken decisive action to stop the BadBox malware campaign, which affected over 30,000 ...
Learn More
Dec 12, 2024
Major Cyber Attacks in Review: November 2024
Major Cyber Attacks in Review: November 2024 November 2024 brought several high-profile cyber attacks that targeted critical sectors, including telecommunications, supply chain management, and healthc...
Learn More
Dec 11, 2024
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Oth...
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Other High-Impact Flaws Ivanti recently released critical security updates to address several high-impact vulnerabilities in its prod...
Learn More
