risk

May 30, 2025

MICI NetFax Server Flaws Allow Attackers to Execute Remote Code

In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all…
Read More »
May 30, 2025

PureHVNC RAT Uses Fake Job Offers and PowerShell to Evade Security Defenses

A new and highly evasive malware campaign delivering the PureHVNC Remote Access Trojan (RAT) has been identified by Netskope Threat…
Read More »
May 29, 2025

UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers

The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its…
Read More »
May 29, 2025

Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam

Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated fraud known as the ‘rent-a-bank-account’…
Read More »
May 28, 2025

Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands

The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding…
Read More »
May 28, 2025

Hackers Circulate Over 93 Billion Stolen User Cookies on the Dark Web

Web cookies, those ubiquitous pop-ups we routinely dismiss with a click, are small text files stored on your device by…
Read More »
May 28, 2025

Government Calls on Organizations to Adopt SIEM and SOAR Solutions

In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation…
Read More »
May 27, 2025

Threat Actors Use Fake DocuSign Notifications to Steal Corporate Data

DocuSign has emerged as a cornerstone for over 1.6 million customers worldwide, including 95% of Fortune 500 companies, and boasts…
Read More »
May 27, 2025

Mozilla Quickly Fixes Firefox Vulnerabilities from Pwn2Own 2025 with Urgent Patches

At this year’s Pwn2Own Berlin, security researchers successfully demonstrated two new zero-day exploits against Mozilla Firefox, targeting the browser’s content…
Read More »
May 27, 2025

Hackers Reportedly Selling Over 500 Stolen Crypto Databases on Dark-Web Forums

A hackers has made news by allegedly selling a ZIP archive containing more than 500 compromised databases, which seems to…
Read More »
May 26, 2025

Meteobridge web interface Vulnerability Let Attackers Inject Commands Remotely

ONEKEY Research Lab has uncovered a severe command injection vulnerability in the MeteoBridge firmware, a compact device designed to connect…
Read More »
May 25, 2025

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as an “uncensored” and “private” alternative…
Read More »
May 24, 2025

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via…
Read More »
May 24, 2025

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier.…
Read More »
May 24, 2025

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution (RCE) access to Burger King…
Read More »
May 23, 2025

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity…
Read More »
May 22, 2025

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based…
Read More »
May 22, 2025

Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication

Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used…
Read More »
May 17, 2025

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities across major enterprise platforms…
Read More »
May 16, 2025

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver…
Read More »

Previous page Next page