escalation
-
SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials
The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target…
Read More » -
Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about critical vulnerabilities in Cisco’s IOS and IOS XE…
Read More » -
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider,…
Read More » -
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to…
Read More » -
Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD
Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed…
Read More » -
Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication
On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and…
Read More » -
0-Click ChatGPT Agent Flaw Exposes Gmail Data to Attackers
Researchers have discovered a critical zero-click vulnerability in ChatGPT’s Deep Research agent that allows attackers to silently steal sensitive Gmail data without…
Read More » -
Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers…
Read More » -
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers…
Read More » -
Top 10 Best Cloud Penetration Testing Companies in 2025
Cloud is the foundation of modern business, but it comes with a complex and evolving security landscape. Traditional penetration testing,…
Read More » -
Microsoft September 2025 Patch Tuesday
Microsoft has released its September 2025 Patch Tuesday update, addressing a total of 81 security vulnerabilities across its product portfolio.…
Read More » -
Top 10 Best Internal Network Penetration Testing Providers in 2025
In a world of evolving threats, the security of an organization’s internal network is just as important as its external…
Read More » -
Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These…
Read More » -
Food Delivery Robots Vulnerable to Hacks That Redirect Orders
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the…
Read More » -
Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach
A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments…
Read More » -
Cisco UCS Manager Software Flaw Allows Attackers to Inject Malicious Commands
Cisco has released urgent security updates to remediate two medium-severity command injection vulnerabilities in its UCS Manager Software that could…
Read More » -
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda,…
Read More »