exploit
-
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security…
Read More » -
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in…
Read More » -
Attackers Leverage Weaponized CAPTCHAs to Execute PowerShell and Deploy Malware
In a recent surge of sophisticated cyberattacks, threat actors have been utilizing fake CAPTCHA challenges to trick users into executing…
Read More » -
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120,…
Read More » -
Signal Messenger Exploited in Targeted Attacks on Defense Industry Employees
The Computer Emergency Response Team of Ukraine (CERT-UA) has reported a series of targeted cyberattacks against employees of the defense-industrial…
Read More » -
Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the…
Read More » -
Crypto Platform OKX Suspends Tool Abused by North Korean Hackers
Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator tool. This decision comes on the…
Read More » -
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability…
Read More » -
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More »