vulnerabilities
-
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks…
Read More » -
Clop Ransomware Group Exploits New 0-Day Vulnerabilities in Active Attacks
The Clop ransomware group continues to pose a significant threat to enterprise organizations worldwide, with recent analysis revealing their exploitation…
Read More » -
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices,…
Read More » -
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog,…
Read More » -
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Sophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors…
Read More » -
Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments
The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance.…
Read More » -
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs)…
Read More » -
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that…
Read More » -
Top 10 Best Cloud Workload Protection Platforms (CWPP) in 2025
The cloud landscape in 2025 continues its unprecedented growth, with organizations of all sizes rapidly migrating critical workloads to public,…
Read More » -
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing…
Read More » -
Top 10 Best Cloud Penetration Testing Providers in 2025
The rapid migration to cloud environments – AWS, Azure, and GCP being the dominant players continues unabated in 2025. While…
Read More » -
Top 10 Best Cloud Security Companies For AWS, Azure And GCP in 2025
Organizations are not just adopting cloud; they are embracing multi-cloud and hybrid strategies as the new norm, distributing workloads across…
Read More » -
Top 10 Best Security Operations Center (SOC) as a Service Providers in 2025
In 2025, the digital landscape is more complex and perilous than ever. Organizations face an unrelenting barrage of sophisticated cyber…
Read More » -
Vulnerability in Perplexity’s Comet Browser Screenshot Feature Allows Malicious Prompt Injection
Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through…
Read More » -
PassiveNeuron Targets High-Profile Servers to Deploy Malware
A sophisticated cyberespionage campaign dubbed PassiveNeuron has emerged from the shadows after months of dormancy, with security researchers uncovering fresh…
Read More » -
Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity
Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security…
Read More » -
Cisco Desk, IP, and Video Phones Vulnerable to Remote DoS and XSS Attacks
Multiple Cisco desk, IP, and video phones are at risk of remote denial-of-service (DoS) and cross-site scripting (XSS) attacks due…
Read More » -
MCPTotal Launches to Power Secure Enterprise MCP Workflows
MCPTotal, a comprehensive secure Model Context Protocol (MCP) platform, today announced its flagship platform to help businesses adopt and secure…
Read More » -
Hackers Breach F5 Steal BIG-IP Source Code and Secret Vulnerability Data
F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability…
Read More » -
Microsoft Patch Tuesday October 2025 – 172 Vulnerabilities Fixed Along with 4 Zero-days
CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability Denial of Service Moderate CVE-2025-59497 Microsoft Defender for Linux Denial of Service…
Read More »