vulnerabilities
-
PortSwigger Launches Burp AI to Enhance Penetration Testing with AI
PortSwigger, the makers of Burp Suite, has taken a giant leap forward in the field of cybersecurity with the launch…
Read More » -
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates…
Read More » -
New Specter Insight C2 Tool Fuels ClickFix-Based Hacking Campaigns
A recent cybersecurity investigation has uncovered a previously unidentified Command and Control (C2) framework, dubbed Specter Insight C2. This discovery was…
Read More » -
Over 150 US Government Database Servers Vulnerable to Internet Exposure
A recent open-source investigation has uncovered one of the largest exposures of US government data to cyber threats. More than…
Read More » -
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security…
Read More » -
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in…
Read More » -
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120,…
Read More » -
A Revolutionary CNAPP For Preventive Cybersecurity
Moving Beyond Detection to Real-Time, Automated Security Across Workloads, Cloud, and Infrastructure SecPod, a global cybersecurity provider, has announced the…
Read More » -
mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices
In a significant discovery, PRODAFT’s security research team has identified two critical vulnerabilities in the mySCADA myPRO Manager, a widely…
Read More » -
Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various…
Read More » -
Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the…
Read More » -
Crypto Platform OKX Suspends Tool Abused by North Korean Hackers
Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator tool. This decision comes on the…
Read More » -
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability…
Read More » -
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More » -
DeepSeek R1 Jailbreaked to Create Malware, Including Keyloggers and Ransomware
The increasing popularity of generative artificial intelligence (GenAI) tools, such as OpenAI’s ChatGPT and Google’s Gemini, has attracted cybercriminals seeking…
Read More » -
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
A recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command…
Read More » -
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and…
Read More » -
Hackers Exploiting Exposed Jupyter Notebooks to Deploy Cryptominers
Cado Security Labs has identified a sophisticated cryptomining campaign exploiting misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The…
Read More »