data
-
$40,000 Reward for Escalating Limited Path Traversal to RCE
As a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, Full full-time bug Bounty Hunter, thrives…
Read More » -
PoC Exploit Released for Ivanti Connect Secure RCE Vulnerability
A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables remote unauthenticated attackers to execute…
Read More » -
New Tool Unveiled to Scan Hacking Content on Telegram
A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking AI module designed to monitor and…
Read More » -
FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages
Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram…
Read More » -
AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for…
Read More » -
Apple Announces Information Security Internship For Students
Apple Inc. has officially opened applications for its highly anticipated Information Security Internship, aimed at students eager to dive into…
Read More » -
RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe…
Read More » -
Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability
A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet. The attacks, observed by…
Read More » -
Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details
A critical flaw in Google’s “Sign in with Google” authentication system has left millions of Americans vulnerable to potential data…
Read More » -
CISA Launched A Free Guide to Enhance OT Products Security
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new…
Read More » -
Microsoft Warns of MFA Issue Affecting Microsoft 365 users
Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365)…
Read More » -
IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for…
Read More » -
“Siri Data Stays Private, Not Used for Ads: Apple Confirms
Apple Inc. says its commitment to user privacy, emphasizing that its products, such as the digital assistant Siri, are designed…
Read More » -
PowerSchool Hacked – Attackers Accessed Personal Data of Students and Teachers
Walker County Schools has reported that unauthorized access to personal data belonging to students and educators was achieved through the…
Read More » -
Hackers Targeting Users Who Lodged Complaints On Government portal To Steal Credit Card Data
Fraudsters in the Middle East are exploiting a vulnerability in the government services portal. By impersonating government officials, they target…
Read More » -
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant…
Read More » -
Weaponized LDAP Exploit Deploys Information-Stealing Malware
Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed “LDAPNightmare”). …
Read More » -
Multi-Plugin Malware Framework Installs Backdoor on Windows
The QSC Loader service DLL named “loader.dll” leverages two distinct methods to obtain the path to the Core module code.…
Read More » -
United Nations Aviation Agency Hacked Recruitment Data Exposed
The International Civil Aviation Organization (ICAO), a United Nations agency responsible for coordinating global aviation standards, has reported a significant…
Read More » -
Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace
Criminal IP, a globally recognized Cyber Threat Intelligence (CTI) solution by AI SPERA, has launched its Criminal IP Malicious Link Detector add-in…
Read More »