exploit
-
RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous…
Read More » -
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts…
Read More » -
Threat Actors Exploit Microsoft Help Index File to Deploy PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the…
Read More » -
North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit…
Read More » -
Elastic EDR 0-Day Flaw Lets Hackers Evade Detection, Run Malware, and Trigger BSOD
AshES Cybersecurity has disclosed a severe zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) software that transforms the security…
Read More » -
Cisco IOS, IOS XE, and Secure Firewall Flaws Allow Remote DoS Attacks
Cisco Systems has issued a high-priority security advisory addressing multiple critical vulnerabilities in the Internet Key Exchange Version 2 (IKEv2)…
Read More » -
Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages
A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in…
Read More » -
PoC Released for Fortinet FortiSIEM Command Injection Flaw
Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise…
Read More » -
Top 10 Best NDR Solutions (Network Detection And Response) in 2025
The network remains the central nervous system of every organization. While endpoints and cloud environments are crucial, all digital activity…
Read More » -
Windows Out-of-Box-Experience Flaw Enables Full Administrative Command Prompt Access
A newly documented vulnerability in Windows’ Out-of-Box-Experience (OOBE) allows users to bypass security restrictions and gain full administrative access to…
Read More » -
Electronic Arts Blocks 300,000 Cheating Attempts After Battlefield 6 Beta Launch
Electronic Arts’ SPEAR Anti-Cheat Team has released a noteworthy update, stating that since the Battlefield 6 Open Beta Early Access…
Read More » -
Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks
Security researchers have uncovered a “zero-click” denial-of-service chain that can silently turn thousands of Microsoft Windows Domain Controllers (DCs) into…
Read More » -
Malware Campaign Masquerades as Tesla in Poisoned Google Ads
A malware operation has surfaced in the context of a complex cyber threat landscape, using tainted Google Ads to pose…
Read More » -
Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data
Microsoft security researchers have uncovered four critical vulnerabilities in Windows BitLocker that could allow attackers with physical access to bypass…
Read More » -
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United…
Read More »