privilege

October 25, 2025

Top 10 Best Cloud Penetration Testing Providers in 2025

The rapid migration to cloud environments – AWS, Azure, and GCP being the dominant players continues unabated in 2025. While…
Read More »
October 25, 2025

Top 10 Best Cloud Security Companies For AWS, Azure And GCP in 2025

Organizations are not just adopting cloud; they are embracing multi-cloud and hybrid strategies as the new norm, distributing workloads across…
Read More »
October 15, 2025

Microsoft Patch Tuesday October 2025 – 172 Vulnerabilities Fixed Along with 4 Zero-days

CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability Denial of Service Moderate CVE-2025-59497 Microsoft Defender for Linux Denial of Service…
Read More »
October 14, 2025

PoC Released for Sudo chroot Flaw Allowing Local Privilege Escalation

A new proof-of-concept (PoC) exploit has been published for a critical flaw in the widely used sudo utility. This vulnerability enables any…
Read More »
October 12, 2025

Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages – GBHackers Security

Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets,…
Read More »
October 11, 2025

SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware

A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August…
Read More »
October 11, 2025

Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious…
Read More »
October 7, 2025

CISA Issues Alert on Active Exploitation of Microsoft Windows Privilege Escalation Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft…
Read More »
October 4, 2025

DrayOS Router Flaw Allows Remote Code Execution by Attackers

A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes…
Read More »
October 1, 2025

Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about critical vulnerabilities in Cisco’s IOS and IOS XE…
Read More »
September 30, 2025

New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite

China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the…
Read More »
September 30, 2025

Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload

Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying…
Read More »
September 30, 2025

Veeam RCE Exploit Allegedly Listed for Sale on Dark Web

A new dark web marketplace listing has sparked alarm in the cybersecurity community after a seller using the handle “SebastianPereiro”…
Read More »
September 27, 2025

Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data

Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to…
Read More »
September 25, 2025

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign

Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked…
Read More »
September 21, 2025

Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication

On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and…
Read More »
September 20, 2025

Top 10 Best API Security Testing Companies in 2025

Best API Security Testing Companies In today’s rapidly evolving digital landscape, APIs (Application Programming Interfaces) have become the backbone of…
Read More »
September 12, 2025

Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation

Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers…
Read More »
September 11, 2025

Top 10 Best Cloud Penetration Testing Companies in 2025

Cloud is the foundation of modern business, but it comes with a complex and evolving security landscape. Traditional penetration testing,…
Read More »
September 10, 2025

Microsoft September 2025 Patch Tuesday

Microsoft has released its September 2025 Patch Tuesday update, addressing a total of 81 security vulnerabilities across its product portfolio.…
Read More »

Previous page Next page