wild
-
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers…
Read More » -
Meteobridge web interface Vulnerability Let Attackers Inject Commands Remotely
ONEKEY Research Lab has uncovered a severe command injection vulnerability in the MeteoBridge firmware, a compact device designed to connect…
Read More » -
Critical Azure and Power Apps Vulnerabilities Allow Privilege Escalation for Attackers
Microsoft has patched four critical security vulnerabilities affecting its Azure cloud services and Power Apps platform that could allow attackers…
Read More » -
New Specter Insight C2 Tool Fuels ClickFix-Based Hacking Campaigns
A recent cybersecurity investigation has uncovered a previously unidentified Command and Control (C2) framework, dubbed Specter Insight C2. This discovery was…
Read More » -
Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various…
Read More » -
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting…
Read More » -
Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild
A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese…
Read More » -
61 Vulnerabilities Including 25 RCE’s Fixed
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across…
Read More » -
Apple iOS 0-day Vulnerability Exploited Wild in Extremely Sophisticated Attack
Apple has released emergency security updates to address a zero-day vulnerability, CVE-2025-24200, that has been actively exploited in targeted attacks…
Read More » -
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in…
Read More »