risk
-
Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious endeavors. Email bombing, known also…
Read More » -
Kibana Releases Security Patch to Fix Code Injection Vulnerability
Elastic, the company behind Kibana, has released critical security updates to address a high-severity vulnerability identified as CVE-2024-12556. The flaw,…
Read More » -
Ivanti Fully Patched Actively Exploited Connect Secure RCE Vulnerability
April 5, 2025 – Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure,…
Read More » -
Vite Development Server Flaw Allows Attackers Bypass Path Restrictions
A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server. Due to improper path verification during URL request…
Read More » -
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code
OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to…
Read More » -
Brinker Named Among “10 Most Promising Defense Tech Startups of 2025”
Brinker, an innovative narrative intelligence platform dedicated to combating disinformation and influence campaigns, has been recognized as one of the…
Read More » -
“Crocodilus” A New Malware Targeting Android Devices for Full Takeover
Researchers have uncovered a dangerous new mobile banking Trojan dubbed Crocodilus actively targeting financial institutions and cryptocurrency platforms. The malware…
Read More » -
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates…
Read More » -
Malicious AI Tools See 200% Surge as ChatGPT Jailbreaking Talks Increase by 52%
The cybersecurity landscape in 2024 witnessed a significant escalation in AI-related threats, with malicious actors increasingly targeting and exploiting large…
Read More » -
Over 150 US Government Database Servers Vulnerable to Internet Exposure
A recent open-source investigation has uncovered one of the largest exposures of US government data to cyber threats. More than…
Read More » -
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows…
Read More » -
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in…
Read More » -
New Steganographic Malware Hides in JPEG Files to Spread Infostealers
A recent cybersecurity threat has been identified, where steganographic malware is being distributed through seemingly innocuous JPEG image files. This…
Read More » -
A Revolutionary CNAPP For Preventive Cybersecurity
Moving Beyond Detection to Real-Time, Automated Security Across Workloads, Cloud, and Infrastructure SecPod, a global cybersecurity provider, has announced the…
Read More » -
mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices
In a significant discovery, PRODAFT’s security research team has identified two critical vulnerabilities in the mySCADA myPRO Manager, a widely…
Read More » -
Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various…
Read More » -
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to…
Read More » -
Using AI-Driven Cybersecurity Training to Counter Emerging Threats
As Artificial Intelligence (AI)-powered cyber threats surge, INE Security, a global leader in cybersecurity training and certification, is launching a…
Read More » -
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting…
Read More »