privilege

June 14, 2025

Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of…
Read More »
June 12, 2025

Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions

Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web…
Read More »
June 11, 2025

Microsoft Patch Tuesday June 2025 – 66 Vulnerabilities Patched Including 2 Zero-Day

Microsoft has released its June 2025 Patch Tuesday security updates, addressing a total of 66 vulnerabilities across its software ecosystem.…
Read More »
June 1, 2025

Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges

A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID…
Read More »
May 30, 2025

Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments

A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers…
Read More »
May 25, 2025

GenAI Assistant DIANNA Uncovers New Obfuscated Malware

Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This malware, reportedly crafted with the…
Read More »
May 16, 2025

Inside Turla’s Uroboros Infrastructure and Tactics Revealed

In a nation-state cyber espionage, a recent static analysis of the Uroboros rootkit, attributed to the infamous APT group Turla,…
Read More »
May 14, 2025

Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day

CVE Number CVE Title Impact Max Severity CVE-2025-29966 Remote Desktop Client Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-29967…
Read More »
May 11, 2025

Securing Windows Endpoints Using Group Policy Objects (GPOs): A Configuration Guide

Securing Windows endpoints is a top priority for organizations seeking to protect sensitive data and maintain operational integrity. Group Policy…
Read More »
May 11, 2025

Detecting Backdoors in Enterprise Networks

In today’s rapidly evolving cybersecurity landscape, enterprise networks face a particularly insidious threat: backdoors, making detecting backdoors crucial. These clandestine…
Read More »
May 11, 2025

Critical Azure and Power Apps Vulnerabilities Allow Privilege Escalation for Attackers

Microsoft has patched four critical security vulnerabilities affecting its Azure cloud services and Power Apps platform that could allow attackers…
Read More »
May 9, 2025

IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers

A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege…
Read More »
May 8, 2025

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks in the first quarter of…
Read More »
May 7, 2025

Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX

As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search Service are revolutionizing data retrieval with…
Read More »
May 6, 2025

BFDOOR Malware Targets Organizations to Establish Long-Term Persistence

The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations, particularly in the telecommunications sector. First…
Read More »
May 5, 2025

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems across industries such as real estate,…
Read More »
May 1, 2025

Netgear EX6200 Flaw Enables Remote Access and Data Theft

Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender that could allow remote attackers to…
Read More »
April 29, 2025

Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation

A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2025-21756 and dubbed “Attack of the Vsock,” has sent ripples through the…
Read More »
April 23, 2025

Zyxel Releases Patches for Privilege Management Vulnerabilities in Firewalls

Zyxel, a leading provider of secure networking solutions, has released critical security patches to address two privilege management vulnerabilities in…
Read More »
April 17, 2025

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools…
Read More »

Previous page Next page