CVE-2025-43529 & CVE-2025-14174: Apple and Google’s Zero-Day Patches
CVE-2025-43529 & CVE-2025-14174: Apple and Google’s Zero-Day Patches Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities (CVE-2025-43529 & ...
Google Chrome Zero-Day Actively Exploited via ANGLE Graphics Component
Google Chrome Zero-Day Actively Exploited via ANGLE Graphics Component Google has released a new Chrome security update that addresses multiple vulnerabilities, including a high-severity flaw (4661920...
December 2025 Patch Tuesday: 3 Zero-Days Fixed, CVE-2025-62221 Activel...
December 2025 Patch Tuesday: 3 Zero-Days Fixed, CVE-2025-62221 Actively Exploited Microsoft has released its December 2025 Patch Tuesday updates, addressing 57 security vulnerabilities across Windows,...
November 2025: Breaches at Coupang, Balancer, Gainsight, Eurofiber & M...
November 2025: Coupang Breach, Balancer $120M Hack, Gainsight Token Abuse, Eurofiber GLPI Incident & More November 2025 brought another wide mix of high-impact cyber incidents, ranging from one of...
React2Shell: Critical RCE in React and Next.js Explained
React2Shell: Critical RCE in React and Next.js Explained [Update] October 1, 2024: “React2Shell Exploitation Now Confirmed in the Wild” A new Remote Code Execution (RCE) vulnerability, widely referred...
The Marquis Software Data Breach: What It Means For Banks, Credit Unio...
The Marquis Software Data Breach: What It Means For Banks, Credit Unions, And Their Customers U.S. regulators and media outlets confirmed a major data breach at Marquis Software Solutions, a Texas bas...
December 2025 Android Security Bulletin: Two Zero-Day Flaws Exploited
December 2025 Android Security Bulletin: Two Zero-Day Flaws Exploited Google has published the December 2025 Android Security Bulletin, addressing 100+ vulnerabilities across core platform and vendor ...
AI-Powered Cyber Espionage: Inside the GTG-1002 Campaign
AI-Powered Cyber Espionage: Inside the GTG-1002 Campaign The cybersecurity world is facing a new kind of threat, AI-powered cyber espionage. The GTG-1002 campaign, uncovered between 2022 and 2025, mar...
OpenAI Notifies Users of Mixpanel Security Incident
OpenAI Notifies Users of Mixpanel Security Incident A recent security incident involving Mixpanel, a third-party analytics provider that OpenAI used to track frontend web interactions on its API platf...
Shai Hulud’s “The Second Coming": New npm Campaign Hits Zapier, ENS, P...
Shai Hulud’s “The Second Coming”: New npm Campaign Hits Zapier, ENS, Postman Security teams face yet another npm supply chain emergency. A new wave of Shai Hulud: The Second Coming. The worm has troja...
CVE-2025-61757: Oracle Identity Manager Auth Bypass Flaw Added to CISA...
CVE-2025-61757: Oracle Identity Manager Auth Bypass Flaw Added to CISA’s KEV CISA recently added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitatio...
CVE-2025-40601: SonicOS SSLVPN Buffer Overflow Leads to Firewall Crash...
CVE-2025-40601: SonicOS SSLVPN Buffer Overflow Leads to Firewall Crash Risk, Patch Available SonicWall has disclosed a severe flaw affecting specific Gen7 and Gen8 firewalls. Identified as CVE-2025-40...
Scattered LAPSUS Hunters Escalate With New Channel and Gainsight Breac...
Scattered LAPSUS Hunters Escalate With New Channel and Gainsight Breach Scattered LAPSUS$ Hunters (SLH) has returned to the spotlight with new claims, alleged leaks, and a new Telegram channel, signal...
Cl0p’s Oracle EBS Zero-Day Campaign: What We Know So Far
Cl0p’s Oracle EBS Zero-Day Campaign: What We Know So Far The Cl0p ransomware group has returned to the spotlight with a new wave of attacks that target Oracle EBS (E-Business Suite) zero-day vulnerabi...
October 2025: Oracle Exploitation, Red Hat Incident, PhantomCaptcha, a...
October 2025: Oracle Exploitation, Red Hat Incident, PhantomCaptcha, and Major Breaches October 2025 brought forward a mix of high-impact data breaches, targeted intrusion campaigns, and continued act...
3.5 Billion WhatsApp Accounts Identified Through Enumeration
3.5 Billion WhatsApp Accounts Identified Through Enumeration A recent study by IT-security researchers at the University of Vienna and SBA Research examines the ease of identifying WhatsApp users and ...
Chrome V8 Zero-Day CVE-2025-13223 – Active Exploit Confirmed, Google I...
Chrome V8 Zero-Day CVE-2025-13223 – Active Exploit Confirmed, Google Issues Security Fix A fresh security update from Google has put Chrome users on alert. The company has patched two high-severity vu...
CVE-2025-58034: New FortiWeb Zero-Day Exploited, Enables OS Command In...
CVE-2025-58034: New FortiWeb Zero-Day Exploited, Enables OS Command Injection [Update] FortiWeb’s CVE-2025-58034 Enters CISA’s Known Exploited Vulnerabilities Fortinet has issued a new advisory confir...
IndonesianFoods Spam Campaign: What Security Teams Need To Know
IndonesianFoods Spam Campaign: What Security Teams Need To Know A large-scale campaign known as IndonesianFoods has recently gained attention for its unusual impact on the npm ecosystem. For nearly 2 ...
DDoSia Targets Denmark: Weekly DDoS Threat Intelligence
DDoSia Targets Denmark: Weekly DDoS Threat Intelligence Between November 4 and November 13, 2025, Denmark was included in a focused campaign by the pro-Russian hacktivist groups. The group published t...