Reflections of the India–Pakistan Kashmir Escalation on the Cyber World
May 08, 2025
Categories
Top Articles
Severe Vulnerabilities in Cisco & SonicWall Expose Systems to RCE, DoS, and More: Patch Now
May 08, 2025
LockBit Hacked: 60,000 Bitcoin Addresses Leaked
May 08, 2025
Android's May 2025 Update Tackles CVE-2025-27363 & More – Langflow & MagicINFO Exploited, Kibana at Risk
May 07, 2025
The 5 Most Notorious Cyber Campaigns of 2024 Tracked by SOCRadar
May 06, 2025
Jan 02, 2025
Critical Vulnerabilities in Progress WhatsUp Gold (CVE-2024-12108, CVE...
Critical Vulnerabilities in Progress WhatsUp Gold (CVE-2024-12108, CVE-2024-12106); PoC Available for Oracle WebLogic Flaw Three severe vulnerabilities have recently been uncovered in WhatsUp Gold, a ...
Learn More
Dec 31, 2024
ClickFix Campaign: Fake Google Meet Alerts Spread Malware Across Windo...
ClickFix Campaign: Fake Google Meet Alerts Spread Malware Across Windows and macOS The ClickFix campaign represents a sophisticated use of social engineering to deploy malware across both Windows and ...
Learn More
Dec 31, 2024
Water Makara Campaign: A Sophisticated Spear-Phishing Attack on Brazil...
Water Makara Campaign: A Sophisticated Spear-Phishing Attack on Brazilian Enterprises The Water Makara campaign is a highly sophisticated spear-phishing attack aimed specifically at Brazilian organiza...
Learn More
Dec 31, 2024
Chinese State-Sponsored Threat Actors Breach U.S. Treasury Department ...
Chinese State-Sponsored Threat Actors Breach U.S. Treasury Department in Major Cybersecurity Incident [Update] January 7, 2025: “CISA Provides Update on U.S. Treasury Breach” Chinese state-sponsored ...
Learn More
Dec 31, 2024
Four-Faith Routers Exploited Through CVE-2024-12856 Vulnerability
Four-Faith Routers Exploited Through CVE-2024-12856 Vulnerability A newly discovered vulnerability, tracked as CVE-2024-12856, is actively being exploited in Four-Faith routers. This vulnerability all...
Learn More
Dec 30, 2024
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Tho...
Phishing Attack Compromises Cyberhaven’s Chrome Extension, Impacts Thousands – What You Need to Know [Update] January 2, 2025: “New Details on the Chrome Extension Phishing Attack” A significant cyber...
Learn More
Dec 27, 2024
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to...
Severe Vulnerability in Palo Alto Networks PAN-OS Exposes Firewalls to Denial of Service (CVE-2024-3393) [Update] December 31, 2024: CVE-2024-3393 has been added to the CISA KEV catalog* Palo Alto Net...
Learn More
Dec 25, 2024
DarkVision RAT: A Persistent Threat Delivered via PureCrypter
DarkVision RAT: A Persistent Threat Delivered via PureCrypter The DarkVision RAT malware campaign leverages the PureCrypter loader to infiltrate networks and compromise data across multiple sectors. D...
Learn More
Dec 24, 2024
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-5396...
Severe Path Traversal Vulnerability in Adobe ColdFusion (CVE-2024-53961), Update Now A critical vulnerability in Adobe ColdFusion versions 2023 and 2021 has prompted urgent security updates. Alarmingl...
Learn More
Dec 20, 2024
BeyondTrust Security Incident — Command Injection and Escalation Weakn...
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) [Update] January 14, 2025: “CVE-2024-12686 Enters the KEV Catalog” BeyondTrust’...
Learn More
Dec 20, 2024
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabi...
Sophos Firewall Update Resolves RCE and Privilege Escalation Vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) Recent security patches for Sophos Firewall address several serious vulner...
Learn More
Dec 19, 2024
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Exec...
Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Execution; Next.js Auth Bypass (CVE-2024-51479) Fortinet and the popular React framework Next.js have recently addressed serious secur...
Learn More
Dec 19, 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024
The Year of Takedowns: Significant Law Enforcement Operations of 2024 As 2024 comes to a close, the global fight against cybercrime has witnessed a series of groundbreaking law enforcement operations ...
Learn More
Dec 16, 2024
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – ...
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – Cl0P’s Latest Attack Vector [Update] April 8, 2025: “WK Kellogg Confirms Data Breach Tied to Cleo Exploits” [Update] ...
Learn More
Dec 14, 2024
BadBox Malware Compromises 30,000 Devices in Germany
BadBox Malware Compromises 30,000 Devices in Germany The German Federal Office for Information Security (BSI) has taken decisive action to stop the BadBox malware campaign, which affected over 30,000 ...
Learn More
Dec 12, 2024
Major Cyber Attacks in Review: November 2024
Major Cyber Attacks in Review: November 2024 November 2024 brought several high-profile cyber attacks that targeted critical sectors, including telecommunications, supply chain management, and healthc...
Learn More
Dec 11, 2024
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Oth...
Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Other High-Impact Flaws Ivanti recently released critical security updates to address several high-impact vulnerabilities in its prod...
Learn More
Dec 11, 2024
Cryptojacking Campaign Targets Docker and Kubernetes: Surge in Contain...
Cryptojacking Campaign Targets Docker and Kubernetes: Surge in Container-Based Attacks A recent surge in cryptojacking campaigns has targeted unsecured Docker and Kubernetes environments, exploiting m...
Learn More
Dec 11, 2024
December 2024 Patch Tuesday Update – One Actively Exploited Zero-Day, ...
December 2024 Patch Tuesday Update – One Actively Exploited Zero-Day, Multiple Critical RCEs; SAP Updates [Update] January 2, 2025: “PoC Exploit Available for Critical CVE-2024-49112 “LDAP Nightmare” ...
Learn More
Dec 10, 2024
Termite Ransomware Attack on Blue Yonder: What You Need to Know
Termite Ransomware Attack on Blue Yonder: What You Need to Know In late November 2024, Blue Yonder, a critical provider of supply chain management solutions, fell victim to a ransomware attack attribu...
Learn More