web

October 5, 2025

SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials

The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target…
Read More »
October 5, 2025

New XWorm V6 Variant Embeds Malicious Code into Trusted Windows Applications

In the constantly evolving world of cyber threats, staying informed is not just an advantage; it’s a necessity. First observed…
Read More »
October 4, 2025

DrayOS Router Flaw Allows Remote Code Execution by Attackers

A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes…
Read More »
October 3, 2025

Top 10 Best End-to-End Threat Intelligence Companies in 2025

Best End-to-End Threat Intelligence Companies In 2025, businesses face growing challenges in securing their digital assets, networks, and sensitive data.…
Read More »
October 3, 2025

Top 10 Best Supply Chain Risk Management Solutions in 2025

Best Supply Chain Risk Management Solutions In today’s globalized world, managing supply chain risks has become a top priority for…
Read More »
October 2, 2025

TOTOLINK X6000R Routers Hit by Three Vulnerabilities Allowing Remote Code Execution

Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025.…
Read More »
September 30, 2025

New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite

China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the…
Read More »
September 30, 2025

Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload

Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying…
Read More »
September 30, 2025

Veeam RCE Exploit Allegedly Listed for Sale on Dark Web

A new dark web marketplace listing has sparked alarm in the cybersecurity community after a seller using the handle “SebastianPereiro”…
Read More »
September 29, 2025

New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials

Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and…
Read More »
September 27, 2025

New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms

CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks…
Read More »
September 27, 2025

Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide.…
Read More »
September 27, 2025

Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data

Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to…
Read More »
September 26, 2025

Top 10 Best AI Penetration Testing Companies In 2025

In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability…
Read More »
September 25, 2025

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign

Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked…
Read More »
September 23, 2025

Libraesva ESG Vulnerability Allows Attackers to Execute Malicious Commands

A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands…
Read More »
September 20, 2025

Deceptive Tactics to Bypass Security Systems

Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake…
Read More »
September 20, 2025

Top 10 Best API Security Testing Companies in 2025

Best API Security Testing Companies In today’s rapidly evolving digital landscape, APIs (Application Programming Interfaces) have become the backbone of…
Read More »
September 19, 2025

HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks

A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to…
Read More »
September 19, 2025

0-Click ChatGPT Agent Flaw Exposes Gmail Data to Attackers

Researchers have discovered a critical zero-click vulnerability in ChatGPT’s Deep Research agent that allows attackers to silently steal sensitive Gmail data without…
Read More »

Previous page Next page