privilege
-
Top 10 Best Internal Network Penetration Testing Providers in 2025
In a world of evolving threats, the security of an organization’s internal network is just as important as its external…
Read More » -
Hackers Exploit Amazon SES to Blast Over 50,000 Malicious Emails Daily
A sophisticated cyberattack campaign where threat actors exploited compromised AWS credentials to hijack Amazon’s Simple Email Service (SES), launching large-scale…
Read More » -
Apache DolphinScheduler Vulnerability Patched — Update Immediately
A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under…
Read More » -
Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach
A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments…
Read More » -
Cisco UCS Manager Software Flaw Allows Attackers to Inject Malicious Commands
Cisco has released urgent security updates to remediate two medium-severity command injection vulnerabilities in its UCS Manager Software that could…
Read More » -
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda,…
Read More » -
Hackers Hijack VPS Servers to Breach Software-as-a-Service Accounts
Virtual Private Servers (VPS) have long served as versatile tools for developers and businesses, offering dedicated resources on shared physical…
Read More » -
RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous…
Read More » -
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts…
Read More » -
Threat Actors Exploit Microsoft Help Index File to Deploy PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the…
Read More » -
Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection
Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to…
Read More » -
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array…
Read More » -
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability
The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on…
Read More » -
Lazarus Hackers Use Fake Camera/Microphone Alerts to Deploy PyLangGhost RAT
North Korean state-sponsored threat actors associated with the Lazarus Group, specifically the subgroup known as Famous Chollima, have evolved their…
Read More » -
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online
A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and…
Read More » -
SafePay Ransomware Strikes 260+ Victims Across Multiple Countries
The SafePay ransomware organization has quickly become a powerful operator since its initial detection in September 2024, marking a startling…
Read More »