exploit

October 6, 2025

Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools…
Read More »
October 5, 2025

New XWorm V6 Variant Embeds Malicious Code into Trusted Windows Applications

In the constantly evolving world of cyber threats, staying informed is not just an advantage; it’s a necessity. First observed…
Read More »
October 4, 2025

DrayOS Router Flaw Allows Remote Code Execution by Attackers

A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes…
Read More »
October 2, 2025

TOTOLINK X6000R Routers Hit by Three Vulnerabilities Allowing Remote Code Execution

Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025.…
Read More »
October 1, 2025

Ukraine Warns of Weaponized XLL Files Delivering CABINETRAT Malware via Zip Archives

Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel…
Read More »
October 1, 2025

Top 10 Best Vulnerability Management Software in 2025

Best Vulnerability Management Software In today’s fast-paced digital environment, organizations face constant threats from cybercriminals exploiting weaknesses in IT systems.…
Read More »
October 1, 2025

Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about critical vulnerabilities in Cisco’s IOS and IOS XE…
Read More »
September 30, 2025

Veeam RCE Exploit Allegedly Listed for Sale on Dark Web

A new dark web marketplace listing has sparked alarm in the cybersecurity community after a seller using the handle “SebastianPereiro”…
Read More »
September 28, 2025

Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach

In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including…
Read More »
September 28, 2025

Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters

A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider,…
Read More »
September 27, 2025

New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms

CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks…
Read More »
September 27, 2025

Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide.…
Read More »
September 26, 2025

Top 10 Best AI Penetration Testing Companies In 2025

In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability…
Read More »
September 25, 2025

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign

Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked…
Read More »
September 23, 2025

Threat Actors Breach Enterprise Infrastructure Within 18 Minutes of Initial Access

Attackers are accelerating their foothold in corporate networks: over the past three months (June 1 to August 31, 2025), the…
Read More »
September 23, 2025

Libraesva ESG Vulnerability Allows Attackers to Execute Malicious Commands

A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands…
Read More »
September 22, 2025

Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD

Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed…
Read More »
September 20, 2025

Deceptive Tactics to Bypass Security Systems

Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake…
Read More »
September 20, 2025

Top 10 Best API Security Testing Companies in 2025

Best API Security Testing Companies In today’s rapidly evolving digital landscape, APIs (Application Programming Interfaces) have become the backbone of…
Read More »
September 19, 2025

HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks

A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to…
Read More »

Previous page Next page