logs
-
Microsoft Explains How Security Copilot in Intune and Entra Supports Security and IT Teams
Microsoft has detailed how its Security Copilot, an AI-powered tool, is transforming security and IT operations by embedding generative AI…
Read More » -
Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges…
Read More » -
Next.js Vulnerability Allows Attackers to Trigger DoS via Cache Poisoning
A critical vulnerability, tracked as CVE-2025-49826, has been discovered and addressed in the popular React-based web framework, Next.js. The flaw, present…
Read More » -
Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence
Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially…
Read More » -
Malicious SEO Plugins on WordPress Can Lead to Site Takeover
A new wave of cyberattacks is targeting WordPress websites through malicious SEO plugins that can lead to complete site takeover.…
Read More » -
Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
A series of critical vulnerabilities have been discovered in MICROSENS NMP Web+, a widely used network management platform for industrial…
Read More » -
Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS
A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input…
Read More » -
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users…
Read More » -
Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth…
Read More » -
Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions
Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web…
Read More » -
Interpol Dismantles 20,000 Malicious IPs and Domains Tied to 69 Malware Variants
INTERPOL’s Operation Secure has seen the takedown of more than 20,000 malicious IP addresses and domains associated with infostealer malware.…
Read More » -
Critical Icinga 2 Vulnerability Allows Attackers to Obtain Valid Certificates
A critical vulnerability (CVE-2025-48057) has been discovered in Icinga 2, the widely used open-source monitoring platform. The flaw, affecting installations…
Read More » -
Pure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security Features
Pure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for threat actors targeting Windows-based systems…
Read More » -
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation…
Read More » -
Securing Windows Endpoints Using Group Policy Objects (GPOs): A Configuration Guide
Securing Windows endpoints is a top priority for organizations seeking to protect sensitive data and maintain operational integrity. Group Policy…
Read More » -
Cyberattackers Targeting IT Help Desks for Initial Breach
Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into granting access to critical systems, according…
Read More »