exploit
-
Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells
Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
A sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive method known as Clickfix…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
In a recent discovery by the CYFIRMA research team, a sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting…
Read More » -
Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS
A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input…
Read More » -
CISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass Authentication
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software,…
Read More » -
New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection…
Read More » -
TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights
A critical security vulnerability has been discovered in TeamViewer Remote Management for Windows, exposing systems to potential privilege escalation attacks.…
Read More » -
America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers
Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands…
Read More » -
Israeli Social Media Users Targeted in Covert Iranian Influence Campaign
A covert Iranian social media operation has been uncovered, targeting Israeli users on platform X with a psychological campaign designed…
Read More » -
Massive DDoS Attack Hits 7.3 Tbps Delivering 37.4 Terabytes in 45 Seconds
The internet witnessed a new record in cyberattacks last month as Cloudflare, blocked the largest distributed denial-of-service (DDoS) attack ever…
Read More » -
Tesla Wall Connector Hacked Through Charging Port in Just 18 Minutes
Security researchers from Synacktiv successfully hacked the Tesla Wall Connector through its charging port in just 18 minutes, exposing critical…
Read More » -
Chollima Hackers Target Windows and MacOS with New GolangGhost RAT Malware
A North Korean-affiliated threat actor called Famous Chollima (also known as Wagemole) has launched a sophisticated remote access trojan (RAT)…
Read More » -
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
The Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of…
Read More » -
Hackers Target and Hijack Washington Post Journalists’ Email Accounts
A targeted cyberattack has struck The Washington Post, compromising the email accounts of several of its journalists and raising new…
Read More » -
HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to…
Read More » -
Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth…
Read More » -
Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User
A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITY\SYSTEM privileges via…
Read More » -
Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions
Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web…
Read More »