14,000 routers are infected by malware that’s highly resistant to takedowns

Telus Digital confirms breach after hacker claims 1 petabyte data theft

Microsoft releases Windows 10 KB5078885 extended security update

APT28 hackers deploy customized variant of Covenant open-source tool

Microsoft to enable Windows hotpatch security updates by default

Microsoft releases new Defender update for Windows 11, 10, Server ISO installations

Paint maker giant AkzoNobel confirms cyberattack on U.S. site

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

CISA warns that RESURGE malware can be dormant on Ivanti devices

QuickLens Chrome extension steals crypto, shows ClickFix attack

Ransomware payment rate drops to record low as attacks surge

APT37 hackers use new malware to breach air-gapped networks

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

Marquis sues SonicWall over backup breach that led to ransomware attack

Critical Cisco SD-WAN 0-Day Vulnerability Exploited Since 2023 to Gain Root Access

Hacker Jailbreaks Claude AI to Write Exploit Code and Steal Government Data

Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide

65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks

Threat Actors Allegedly Selling WhatsApp Crash Exploit on Hacking Forums

Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users

Splunk Enterprise for Windows Vulnerability Let Attackers Hijack DLLs and Gain SYSTEM Access

PoC Released for Windows Notepad Vulnerability that Enables Malicious Command Execution

Google Issues Emergency Chrome Security Update to Address High-Severity PDFium and V8 Flaws

Fake CAPTCHA (ClickFix) Attack Chain Leads to Enterprise‑Wide Malware Infection in Organisations

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA Warns of Notepad++ Code Execution Vulnerability Exploited in Attacks

Fake AI Chrome extensions with 300K users steal credentials, emails

Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack to Target Individuals

Windows Shell Security Feature 0-Day Vulnerability Let Attackers Bypass Authentication

Windows Remote Access Connection Manager 0-Day Vulnerability Let Attackers Trigger DoS Attack

Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges

Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild

Microsoft Teams New Option Enables Users to Flag Malicious Messages

Fancy Bear Hackers Exploiting Microsoft Zero-Day Vulnerability to Deploy Backdoors and Email Stealers

Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days

Cybersecurity Weekly Newsletter – Notepad++ hack, Office 0-Day, ESXi 0-day Ransomware Attacks and More

CISA Warns of Critical SmarterMail RCE Flaw Actively Exploited in Ransomware Attacks

F5 Patches Critical Vulnerabilities in BIG-IP, NGINX, and Related Products

Betterment Data Breach Exposes 1.4 million Customers Personal Details

Hackers Exploit SonicWall SSLVPN Credentials to Deploy EDR Killer and Bypass Security

Hackers compromise NGINX servers to redirect user traffic

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware

New Stealthy Fileless Linux Malware ‘ShadowHS’ Emphasizes Automated Propagation

DynoWiper Data-Wiping Malware Attacking Energy Companies to Destroy Data

31.4 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record

Beware of Weaponized VS Code Extension Named ClawdBot Agent that Deploys ScreenConnect RAT

Chrome Security Update Patches Background Fetch API Vulnerability

Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

HoneyMyte Hacker Group Updates CoolClient Malware to Deploy Browser Login Data Stealer

Critical OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors

New malware service guarantees phishing extensions on Chrome web store

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

MEDUSA Security Testing Tool With 74 Scanners and 180+ AI Agent Security Rules

Hackers Exploit Teams’ Functionality to Steal Credentials Mimicking Microsoft Services

Konni hackers target blockchain engineers with AI-built malware

SmarterMail auth bypass flaw now exploited to hijack admin accounts

Hackers Use ‘rn’ Typo Trick to Impersonate Microsoft and Marriott in New Phishing Attack

Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds

Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious Payloads

TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery Feature

Tesla hacked, 37 zero-days demoed at Pwn2Own Automotive 2026

WordPress Plugin Vulnerability Exposes 100,000+ Sites to Privilege Escalation Attacks

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

Attackers Abuse Discord to Deliver Clipboard Hijacker That Steals Wallet Addresses on Paste

Apache bRPC Vulnerability Enables Remote Command Injection

Free Converter Apps that Convert your Clean System to Infected in Seconds

Cloudflare Zero-Day Vulnerability Enables Any Host Access Bypassing Protections

New AWS Console Supply Chain Attack Allows Hijack of AWS GitHub Repositories

Cisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild

Promptware Kill Chain – Five-Step Kill Chain Model for Analyzing Cyberthreats

Go 1.25.6 and 1.24.12 Patch Critical Vulnerabilities Lead to DoS and Memory Exhaustion Risks

Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network

Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks

Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features

Microsoft Desktop Window Manager 0-Day Vulnerability Exploited in the wild

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Chrome 144 Released With Fix for 10 Vulnerabilities in V8 JavaScript Engine

Exploit code public for critical FortiSIEM command injection flaw

Critical FortiSIEM Vulnerability Enables Arbitrary Commands Execution via Crafted TCP Packets

Critical FortiSIEM Vulnerability Enables Arbitrary Commands Execution via Crafted TCP Packets

FortiSandbox SSRF Vulnerability Allow Attacker to proxy Internal Traffic via Crafted HTTP Requests

Node.js Security Release Patches 7 Vulnerabilities Across All Release Lines

Microsoft Patch Tuesday January 2026 – 114 Vulnerabilities Fixed Including 3 Zero-days

Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction Using Crafted Packets

FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code

New GoBruteforcer attack wave targets crypto, blockchain projects

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Cisco Talos Traces UAT-7290’s Linux Malware Campaign Against Telecom Providers

Trend Micro warns of critical Apex Central RCE vulnerability

Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed

New Malware Automatically Send to Contacts via WhatsApp Web Attacks Windows Systems

CISA retires 10 emergency cyber orders in rare bulk closure

Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack

New OAuth-Based Attack Let Hackers Bypass Microsoft Entra Authentication Flows to Steal Keys

Three Malicious NPM Packages Attacking Developers to Steal Login Credentials

Forcepoint DLP Vulnerability Enables Memory Manipulation and Arbitrary Code Execution

Chinese Hackers Use NFC-Enabled Android Malware to Steal Payment Information

ToddyCat Malware Compromises Microsoft Exchange Servers using ProxyLogon Vulnerability

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Black Cat Hacker Group with Fake Notepad++ Sites to Install Malware and Steal Data

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Critical Dolby Codec Vulnerability Exposes Android Devices to Code Execution Attacks

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical GNU Wget2 Vulnerability Let Remote Attackers to Overwrite Sensitive Files

RondoDoX Botnet Weaponizing a Critical React2Shell Vulnerability to Deploy Malware

Threat Actor Exploited Multiple FortiWeb Appliances to Deploy Sliver C2 for Persistent Access

GravityRAT Steals WhatsApp Backups and Uses CPU Temperature to Detect Sandboxes

Scattered Lapsus$ Hunters Resurface with New RaaS Platform ‘ShinySp1d3r’ and Aggressive Insider Recruitment

Threat Actors Hacked Global Companies via Leaked Cloud Credentials from Infostealer Infections

Stealthy Tuoni C2 Malware Targets Major U.S. Real Estate Firm with AI-Enhanced Tactics

Multiple Vulnerabilities in QNAP Tools Let Attackers Obtain Secret Data

Hackers Trapped in Resecurity’s Honeypot During Targeted Attack on Employee Network

Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting

Hackers Abusing Google Tasks Notification for Sophisticated Phishing Attack

IBM warns of critical API Connect auth bypass vulnerability

NeuroSploitv2 – AI-Powered Pentesting Tool With Claude, GPT, and Gemini models to Detect vulnerabilities

New Spear-Phishing Attack Targeting Security Individuals in Israel Region

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures

Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access

Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts

Windows Event Logs Reveal the Messy Reality Behind ‘Sophisticated’ Cyberattacks

Windows Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

Hacker Threw MacBook in River to Erase Evidence in Coupang Data Breach

Hacker claims to leak WIRED database with 2.3 million records

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data

Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data

China-Linked ‘Evasive Panda’ Poisoned DNS to Hack Users in India, Türkiye and China

Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls

Threat Actors Advertised NtKiller Malware on Dark Web Claiming Terminate Antivirus and EDR Bypass

Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash

100+ Cybersecurity Predictions 2026 for Industry Experts as the AI Adapted in the Wild

Google Now Allows Users to Change Their @gmail.com Email Address

Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours

PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution

PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel’s POSIX CPU Timers Implementation

Romanian water authority hit by ransomware attack over weekend

WebRAT malware spread via fake vulnerability exploits on GitHub

Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges

CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation

New Udados Botnet Launches Massive HTTP Flood DDoS Attacks Targeting Tech Sector

Critical Apache Commons Text Vulnerability Enables Remote Code Execution Attacks

WatchGuard 0-day Vulnerability Exploited in the Wild to Hijack Firewalls

Critical Vulnerability in Popular Node.js Library Exposes Windows Systems to RCE Attacks

Microsoft Confirms Recent Windows 11 24H2/25H2 and Server 2025 Update Breaks RemoteApp Connections

BugTrace – AI-based Penetration Testing Tool to Detect Potential Vulnerabilities

CISA Adds Fortinet Vulnerability to KEV Catalog After Active Exploitation

Chinese Hackers Using Custom ShadowPad IIS Listener Module to Turn Compromised Servers into Active Nodes

Chrome Security Update – Patch for Critical Vulnerabilities that Enables Remote Code Execution

New GhostPairing Attack Let Attackers Gain Full Access in WhatsApp with Phone Number

The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet

Sonicwall warns of new SMA1000 zero-day exploited in attacks

LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS

Windows Remote Access Connection Manager Vulnerability Enables Arbitrary Code Execution

Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild

Critical pgAdmin Vulnerability Let Attackers Execute Shell Commands on the Host

Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges

Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users

New JSCEAL Infostealer Malware Attacking Windows Systems to Steal Login Credentials

Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)

MITRE shares 2025's top 25 most dangerous software weaknesses

Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data

Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates

Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File

Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code and Bypass Security

FortiSandbox OS command injection Vulnerability Let Attackers execute Malicious code

Gemini Zero-Click Vulnerability Let Attackers Access Gmail, Calendar, and Docs

Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code

Microsoft Outlook Vulnerability Let Attackers Execute Malicious Code Remotely

FortiOS, FortiWeb, and FortiProxy Vulnerability Lets Attackers Bypass FortiCloud SSO Authentication

Ransomware Targeting Hyper-V and VMware ESXi Surges as Akira Group Exploits System Vulnerabilities

Microsoft December 2025 Patch Tuesday – 56 Vulnerabilities Fixed Including 3 Zero-days

Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities

Hackers Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information

Next.js Released a Scanner to Detect and Update Apps Impacted by React2Shell Vulnerability

NETREAPER Offensive Security Toolkit That Wraps 70+ Penetration Testing Tools

Researchers Uncovered AWS IAM Eventual Consistency to Establish Persistence

Portugal updates cybercrime law to exempt security researchers

Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges

Cybersecurity News Weekly Newsletter – 29.7 Tbps DDoS Attack, Chrome 143, React2Shell Vulnerabilities, and Cloudflare Outage

KimJongRAT Attacking Windows Users via Weaponized .hta Files to Steal Logins

China-Nexus Hackers Actively Exploiting React2Shell Vulnerability (CVE-2025-55182) in the Wild

New Scanner Tool for Detecting Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)

Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera

Hackers Can Weaponize Claude Skills to Execute MedusaLocker Ransomware Attack

Chrome 143 Released With Fix for 13 Vulnerabilities that Enable Arbitrary Code Execution

Aisuru botnet behind new record-breaking 29.7 Tbps DDoS attack

CISA Warns of Android 0-Day Vulnerability Exploited in Attacks

Multiple Django Vulnerabilities Enables SQL Injection and Denial-of-Service Attacks

Charging Cable that Hacks your Device to Record Keystrokes and Control Wi-Fi

Dead Man’s Switch – Widespread npm Supply Chain Attack Driving Malware Attacks

Critical Apache bRPC Framework Vulnerability Let Attackers Crash the Server

Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data

4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign

New Albiriox Malware Attacking Android Users to Take Complete Control of their Device

ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access

Shai Hulud 2.0 Compromises 1,200+ Organizations, Exposing Critical Runtime Secrets

Hackers Exploit NTLM Authentication Flaws to Target Windows Systems

HashJack: New Attack Technique Tricks AI Browsers Using a Simple ‘#’

New EtherHiding Attack Uses Web-Based Attacks to Deliver Malware and Rotate Payloads

Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach

Water Gamayun Hackers Exploit Windows MSC EvilTwin 0-Day to Inject Stealthy Malware

New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request

OpenAI discloses API customer data breach via Mixpanel vendor hack

Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack

HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials

Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack

KawaiiGPT – New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks

Microsoft’s Update Health Tools Configuration Vulnerability Let Attackers Execute Arbitrary Code Remotely

PoC released for W3 Total Cache Vulnerability that Exposes 1+ Million Websites to RCE Attacks

APT35 Hacker Groups Internal Documents Leak Exposes their Targets and Attack Methods

Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials

Wireshark Vulnerabilities Let Attackers Crash by Injecting a Malformed Packet

CISA Warns of Oracle’s Identity Manager RCE Vulnerability Actively Exploited in Attacks

Cl0p Ransomware Strikes Globally: Cox Enterprises Hit — 9,479 Users’ Data Exposed via Oracle EBS Zero-Day

Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update

Microsoft Confirms Windows 11 24H2 Update Broken Multiple Core Features

Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges

Grafana warns of max severity admin spoofing vulnerability

Hackers Can Exploit Default ServiceNow AI Assistants Configurations to Launch Prompt Injection Attacks

Broadcom Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack

SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely

Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack

Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums

Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image

UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins

Hackers Actively Exploiting 7-Zip RCE Vulnerability in the Wild

Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses

W3 Total Cache Command Injection Vulnerability Exposes 1 Million WordPress Sites to RCE Attacks

IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands

Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild

Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware

Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks

CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access

TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials

Cisco Catalyst Center Vulnerability Let Attackers Escalate Priveleges

PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild

Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses

ChatGPT Hacked Using Custom GPTs Exploiting SSRF Vulnerability to Expose Secrets

Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges

Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk

Windows Kernel 0‑day Vulnerability Actively Exploited in the Wild to Escalate Privilege

CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in Attacks

Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses

MAD-CAT Meow Attack Tool to Simulate Real-World Data Corruption Attacks

Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution

Elastic Defend for Windows Vulnerability Let Attackers Escalate Privileges

HackGPT: AI-Powered Penetration Testing Platform Includes GPT-4 and Other AI Engines

Cybersecurity News Weekly Newsletter – Android and Cisco 0-Day, Teams Flaws, HackedGPT, and Whisper Leak

Hackers Can Attack Active Directory Sites to Escalate Privileges and Domain Compromise

Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out

Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks

Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files

HydraPWK Penetration Testing OS With Necessary Hacking Tools and Simplified Interface

List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities

Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution

Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild

Windows Cloud Files Mini Filter Driver Vulnerability Exploited to Escalate Privileges

Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild

Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed

Microsoft Warns Windows Systems May Enter BitLocker Recovery After October 2025 Updates

Hackers Exploit OneDrive.exe Through DLL Sideloading to Execute Arbitrary Code

Microsoft Warns Windows Systems May Enter BitLocker Recovery After October 2025 Updates

Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network

Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks

Hackers Actively Scanning for TCP Port 8530/8531 Linked to WSUS Vulnerability CVE-2025-59287

Critical Android 0-Click Vulnerability in System Component Allows Remote Code Execution Attacks

Hackers Can Exploit Microsoft Teams Vulnerabilities to Manipulate Messages and Alter Notifications

Microsoft Patch for WSUS Vulnerability has Broken Hotpatching on Windows Server 2025

Hackers Can Manipulate Claude AI APIs with Indirect Prompts to Steal User Data

Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code

Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and Aardvar ChatGPT Agent

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware

CISA: High-severity Linux flaw now exploited by ransomware gangs

New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding

Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access

Cybersecurity Newsletter Weekly – AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks

New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver

Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks

Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group

Critical Dell Storage Manager Vulnerabilities Let Attackers Compromise System

Infamous Cybercriminal Forum BreachForums Is Back Again With a New Clear Net Domain

Hackers Exploiting Microsoft WSUS Vulnerability In The Wild – 2800 Instances Exposed Online

131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store

New PDF Tool to Detect Malicious PDF Using PDF Object Hashing Technique

Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data

CISA Warns of Hackers Actively Exploiting Windows Server Update Services RCE Vulnerability in the Wild

Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers and Deploy Malicious Modules

Microsoft Releases Emergency Patch For Windows Server Update Service RCE Vulnerability

Hackers Can Access Microsoft Teams Chat and Emails by Retrieving Access Tokens

Salt Typhoon Using Zero-Day Exploits and DLL Sideloading Techniques to Attack Organizations

Hackers Weaponizing OAuth Applications for Persistent Cloud Access Even After Password Reset

Multiple BIND 9 DNS Vulnerabilities Enable Cache Poisoning and Denial of Service Attacks

Azure Apps Vulnerability Lets Hackers Create Malicious Apps Mimicking Microsoft Teams

Critical ASP.NET Vulnerability Allows Attacker To Bypass Security Feature Remotely

Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code

Microsoft 365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data

Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily

CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks

CISA: High-severity Windows SMB flaw now exploited in attacks

New DefenderWrite Tool Let Attackers Inject Malicious DLLs into AV Executable Folders

PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability

PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation

PoC Exploit for 7-Zip Vulnerabilities that Allows Remote Code Execution

Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities

Critical Veeam Backup RCE Vulnerabilities Let Attackers Execute Malicious Code Remotely

Cisco IOS and IOS XE Software Vulnerabilities Let Attackers Execute Remote Code

Chrome Use After Free Vulnerability Let Attackers Execute Arbitrary Code

Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits

Windows Remote Desktop Client Vulnerability Let Attackers Execute Remote Code

Windows Remote Access Connection Manager 0-Day Vulnerability Actively Exploited in Attacks

Microsoft October 2025 Patch Tuesday – 4 Zero-days and 172 Vulnerabilities Patched

Hackers Can Bypass OpenAI Guardrails Using a Simple Prompt Injection Technique

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

Hackers Actively Compromising Databases Using Legitimate Commands

Microsoft Defender Vulnerabilities Allow Attackers to Bypass Authentication and Upload Malicious Files

APT Hackers Exploit ChatGPT to Create Sophisticated Malware and Phishing Emails

CISA Warns of Windows Privilege Escalation Vulnerability Exploited in Attacks

OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code – PoC Released

Chrome Security Update Patches 21 Vulnerabilities that Allow Attackers to Execute Arbitrary Code

Google Chrome RCE Vulnerability Details Released Along with Exploit Code

Google Chrome RCE Vulnerability Details Released Along with Exploit Code

Hackers Trick Users into Download Weaponized Microsoft Teams to Gain Remote Access

New AmCache EvilHunter Tool For Detecting Malicious Activities in Windows Systems

Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability

Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild

CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks

OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely

Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code

Hackers use Weaponized Microsoft Teams Installer to Compromise Systems With Oyster Malware

CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild

Hackers Exploiting WordPress Websites With Silent Malware to Gain Admin Access

Cisco ASA 0-Day RCE Vulnerability Actively Exploited in the Wild

Hackers Exploiting Hikvision Camera Vulnerability to Access Sensitive Information

Hackers Exploit WerFaultSecure.exe Tool to Steal Cached Passwords From LSASS on Windows 11 24H2

Automaker giant Stellantis confirms data breach after Salesforce hack

CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks

Beware of Fake Online Speedtest Application With Obfuscated JS Codes

Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild

Chrome High-severity Vulnerabilities Let Attackers Access Sensitive Data and Crash System

Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments

Windows 11 24H2 Update KB5064081 Breaks Video Content Playback

Chrome Type Confusion 0-Day Vulnerability Code Analysis Released

Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack

How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses

IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions

BitlockMove Tool Enables Lateral Movement via Bitlocker DCOM & COM Hijacking

Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication

EvilAI as AI-enhanced Tools to Exfiltrate Sensitive Browser Data and Evade Detections

Lazarus APT Hackers Using ClickFix Technique to Steal Sensitive Intelligence Data

Samsung patches actively exploited zero-day reported by WhatsApp

Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code

Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges

Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers

Elastic Security Incident – Hackers Accessed Email Account Contains Valid Credentials

HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance

PgAdmin Vulnerability Lets Attackers Gain Unauthorised Account Access

Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges

GhostRedirector Hackers Compromise Windows Servers With Malicious IIS Module To Manipulate Search Results

SpamGPT – AI-powered Attack Tool Used By Hackers For Massive Phishing Attack

FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands

Windows BitLocker Vulnerability Let Attackers Elevate Privileges

Chrome Security Update Patches Critical Remote Code Execution Vulnerability

Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack

Hackers Hijacked 18 Very Popular npm Packages With 2 Billion Weekly Downloads

How Prompt Injection Attacks Bypassing AI Agents With Users Input

Microsoft Confirms Recent Windows 11 24H2 Security Update Not Causing SSD/HDD Failures

New ClickFix Attack Mimic as AnyDesk Leverages Windows Search to Drop MetaStealer

New ClickFix Attack Mimic as AnyDesk Leverages Windows Search to Drop MetaStealer

New ‘NotDoor’ Malware Attacks Outlook Users to Exfiltrate Data and Compromise Computers

Attackers Are Abusing Malicious PDFs: Here’s How to Spot Them Early

Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers

MobSF Security Testing Tool Vulnerability Let Attackers Upload Malicious Files

Critical SAP S/4HANA Vulnerability Actively Exploited to Fully Compromise Your SAP System

Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode

CISA Warns of Android 0-Day Use-After-Free Vulnerability Exploited in Attacks

New Dire Wolf Ransomware Attack Windows Systems, Deletes Event Logs and Backup-Related Data

Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments

PoC Exploit Released for IIS WebDeploy Remote Code Execution Vulnerability

Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services

Android Security Update – Patch for 0-Day Vulnerabilities Actively Exploited in Attack

Chrome Security Update – Patch for Vulnerabilities that Enable RCE Attacks

PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild

Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization

Azure Active Directory Vulnerability Exposes Credentials and Enables Attackers to Deploy Malicious Apps

PoC Exploit & Vulnerability Analysis Released for Apple 0-Day RCE Vulnerability

Linux UDisks Daemon Vulnerability Allows Attackers Access to Privileged User Files

Critical Citrix 0-Day Vulnerability Exploited Since May, Leaving Global Entities Exposed

New ‘Sindoor Dropper’ Malware Targets Linux Systems with Weaponized .desktop Files

Hackers Abuse Microsoft Teams to Gain Remote Access on Windows With PowerShell-based Malware

WinRAR 0-Day Vulnerabilities Exploited in Wild by Hackers – Detailed Case Study

0-Day Clickjacking Vulnerabilities Found in Major Password Managers like 1Password, LastPass and Others

PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309)

Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services

PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild

CISA Warns of Apple iOS, iPadOS, and macOS 0-day Vulnerability Exploited in Attacks

Critical Apple 0-Day Vulnerability Actively Exploited in the Wild – Update Now

PoC Exploit & Vulnerability Analysis Released for Apple 0-Day RCE Vulnerability

Microsoft Confirms August 2025 Update Causes Severe Lag in Windows 11 24H2, and Windows 10

Hackers Weaponize Active Directory Federation Services and office.com to Steal Microsoft 365 logins

Azure’s Default API Connection Vulnerability Enables Full Cross-Tenant Compromise

ChatGPT-5 Downgrade Attack Let Hackers Bypass AI Security With Just a Few Words

Copilot Vulnerability Breaks Audit Logs and Access Files Secretly for Hackers

Chrome High-Severity Vulnerability Let Attackers Execute Arbitrary Code

CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware

New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers

Windows 11 24H2 Security Update Causes SSD/HDD Failures and Potential Data Corruption

Linux Kernel Netfilter Vulnerability Let Attackers Escalate Privileges

Critical PostgreSQL Vulnerabilities Allow Arbitrary Code Injection During Restoration

North Korean Hackers Stealthy Linux Malware Leaked Online

New Elastic EDR 0-Day Vulnerability Allows Attackers to Bypass Detection, Execute Malware, and Cause BSOD

Weekly Cybersecurity News Recap : Microsoft, Cisco, Fortinet Security Updates and Cyber Attacks

GPT-5 Jailbroken With Echo Chamber and Storytelling Attacks

New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Server/Endpoint, Domain Controllers Into DDoS Botnet

Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands

New Active Directory Lateral Movement Techniques that Bypasses Authentication and Exfiltrate Data

HTTP/1.1 Fatal Vulnerability Exposes Millions of Websites to Hostile Takeover

Mustang Panda Attacking Windows Users With ToneShell Malware Mimic as Google Chrome

Hackers Can Steal IIS Machine Keys by Exploiting SharePoint Deserialization Vulnerability

Raspberry Robin Malware Attacking Windows Systems With New Exploit for CLFS Driver Vulnerability

Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction

WAFs protection Bypassed to Execute XSS Payloads Using JS Injection with Parameter Pollution

$1,000,000 for WhatsApp 0-Click RCE Exploit at Pwn2Own Ireland 2025

Hackers Attacking IIS Servers With New Web Shell Script to Gain Complete Remote Control

Chinese Hackers Weaponizes Software Vulnerabilities to Compromise Their Targets

Oyster Malware as PuTTY, KeyPass Attacking IT Admins by Poisoning SEO Results

Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System

First Known LLM-Powered Malware From APT28 Hackers Integrates AI Capabilities into Attack Methodology

Threat Actors Attacking Linux SSH Servers to Deploy SVF Botnet

CISA Warns of Microsoft SharePoint Server 0-Day RCE Vulnerability Exploited in Wild

Chrome High-Severity Vulnerabilities Allow Attackers to Execute Arbitrary Code

New 7-Zip Vulnerability Enables Weaponized RAR5 File to Crash Your System

Weak Password Let Ransomware Gang Destroy 158-Year-Old Company

Laravel Security Notice: Livewire v3 Remote Code Execution Vulnerability!

New WAFFLED Attack Exploits AWS, Azure, Cloud Armor, Cloudflare, and ModSecurity WAFs

Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution

Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges to Global Admin Role

Critical Cisco ISE Vulnerability Allows Remote Attacker to Execute Commands as Root User

Fortinet FortiWeb Instances Hacked With Webshells Following Public PoC Exploits

Microsoft Teams Call Weaponized to Deploy and Execute Matanbuchus Ransomware

Google Chrome 0-day Vulnerability Actively Exploited in the Wild

WinRAR 0‑Day Exploit Listed for $80K on Dark Web Forum

Interlock ransomware adopts new FileFix attack to push malware

20-Year-Old Vulnerability Allows Hackers to Control Train Brakes

New eSIM Hack Lets Attackers Clone Profiles and Hijack Phone Identities

New Forensic Technique Uncovers Hidden Trails Left by Hackers Exploiting Remote Desktop Protocol

Google Gemini for Workspace Vulnerability Lets Attackers Hide Malicious Scripts in Emails

Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub

Microsoft Patches Wormable RCE Vulnerability in Windows Client and Server

Fortinet FortiWeb Fabric Connector Vulnerability Exploited to Execute Remote Code

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network

Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code

Windows BitLocker Bypass Vulnerability Let Attackers Bypass Security Feature

BERT Ransomware Forcibly Shut Down ESXi Virtual Machines to Disrupt Recovery

FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code

Weaponized Versions of PuTTY and WinSCP Attacking IT Admins Via Search Results

APT36 Attacking BOSS Linux Systems With Weaponized ZIP Files to Steal Sensitive Data

PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev

Massive Spike in Password Attacks Targeting Cisco ASA VPN Followed by Microsoft 365

New Sophisticated Attack Bypasses Content Security Policy Using HTML-Injection Technique

Apache Tomcat and Camel Vulnerabilities Actively Exploited in The Wild

Hackers use Fake Cloudflare Verification Screen to Trick Users into Executing Malware

Critical HIKVISION applyCT Vulnerability Exposes Devices to Code Execution Attacks

CISA Warns of Chrome 0-Day Vulnerability Exploited in Attacks

12-Year-Old Sudo Linux Vulnerability Enables Privilege Escalation to Root User

Threat Actors Exploiting Windows & Linux Servers Vulnerability to Deploy Web Shell

FileFix Attack Exploits Windows Browser Features to Bypass Mark-of-the-Web Protection

Hackers Actively Attacking Linux SSH Servers to Deploy TinyProxy or Sing-box Proxy Tools

Nessus for Windows Vulnerabilities Enables Overwrite of Arbitrary Local System Files

Hackers Use .PIF Files and UAC Bypass to Drop Remcos Malware on Windows

Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root

RansomHub Ransomware Attacking RDP Servers Using Mimikatz and Advanced IP Scanner Tools

Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution

Cisco Identity Services Engine RCE Vulnerability Allows Command Execution as Root User

Firefox 140 Released With Fix for Code Execution Vulnerability – Update Now

CISA Warns of FortiOS Hard-Coded Credentials Vulnerability Exploited in Attacks

TeamFiltration Pentesting Tool Weaponized to Hijack Microsoft Teams, Outlook, and Other Accounts

SonicWall warns of trojanized NetExtender stealing VPN logins

Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems

New ‘CitrixBleed2’ NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild

NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls

TeamViewer for Windows Vulnerability Let Attackers Delete Files Using SYSTEM Privileges

WinRAR Directory Vulnerability Allows Arbitrary Code Execution Using a Malicious File

OWASP AI Testing Guide – A New Project to Detect Vulnerabilities in AI Applications

Threat Actor Allegedly Selling FortiGate API Exploit Tool Targeting FortiOS

Notepad++ Vulnerability Let Attacker Gain Complete System Control – PoC Released

Notepad++ Vulnerability Allows Full System Takeover — PoC Released

CISA Warns of iOS 0-Click Vulnerability Exploited in the Wild

Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists

Apache Tomcat Vulnerabilities Allow Authentication Bypass and DoS Attacks

Hackers Can Hide Images in Text Data and Embeds Directly into DNS TXT Records

0-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams

Windows SMB Client Zero-Day Vulnerability Exploited Using Reflective Kerberos Relay Attack

Multiple Chrome Vulnerabilities Allow Attackers to Execute Malicious Code Remotely

Windows Remote Desktop Services Vulnerability Allows Remote Code Execution

Microsoft Outlook Vulnerability Let Attackers Execute Arbitrary Code Remotely

Critical SOQL Injection 0-Day Vulnerability in Salesforce Affects Millions Worldwide

Wireshark Certified Analyst: Official Wireshark Certification Released for Security Professionals

New Malware Attack Via “I’m not a Robot Check” to Trick Users into Running Malware

New Crocodilus Malware Let Attacker Gain Full Control of Your Android Device

PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution

Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide

New ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware Silently

PoC Exploit Released for Apache Tomcat DoS Vulnerability

Wireshark Vulnerability Enables DoS Attack Through Malicious Packet Injection

CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code

New Phishing Attack that Hides Malicious Link from Outlook Users

Google Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code

ChoiceJacking Attack Let Hackers Compromise Android & iOS Devices via Malicious Charger

Microsoft OneDrive File Picker Vulnerability Exposes Users’ Entire Cloud Storage to Websites

Apache Tomcat CGI Servlet Vulnerability Allows Security Constraint Bypass

Weaponized Google Meet Page Tricks Users into Running PowerShell Malware

Bitwarden PDF File Handler Vulnerability Let Attackers Upload Malicious PDF Files

Chrome Security Update – High-Severity Vulnerabilities Lead to Code Execution

GitHub MCP Server Vulnerability Let Attackers Access Private Repositories

New Attack Bypasses HTTP/2 Security for Arbitrary Cross-Site Scripting

Critical vBulletin Forum Vulnerability Let Attackers Execute Remote Code

SharpSuccessor: PoC for Exploiting BadSuccessor Vulnerability in Windows Server 2025

Vulnerability in Popular macOS App Cursor Allows Malware to Bypass Privacy Protections, Exposing User Data

Fortinet Zero-Day Under Attack: PoC Now Publicly Available

Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT

Everest Hacking Group Claims Coca-Cola Data Breach, Exfiltrates 23 Million Records

New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory Users

New Phishing Attack Mimic as Zoom Meeting Invites to Steal Login Details

Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

Windows 11 Privilege Escalation Vulnerability Let Attackers Gain Admin Access in Under 300 Milliseconds

Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems

Firefox 0-day Vulnerabilities Let Attackers Execute Malicious Code

Sophisticated NPM Attack Exploits Google Calendar C2 For Sophisticated Communication

PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files

Google Chrome 0-Day Vulnerability Exploited in the Wild – Update Now

SAP May 2025 Patch Tuesday – Patch for Actively Exploited 0-Day & 15 Vulnerabilities

Microsoft Defender Vulnerability Allows Attackers to Elevate Privileges

Node.js Vulnerability Allows Attackers to Crash the Process & Halt Services

VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations

Xanthorox – New BlackHat AI Tool Used to Launch Phishing & Malware Attacks

Hackers Attacking Windows IIS Web Server With Native Module Malware

BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released

FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device

Kimsuky Hacker Group Employs New Phishing Tactics & Malware Infections

Hackers Leverage JPG Images to Execute Fully Undetectable Ransomware

Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution

160-Year-Old IT Firm Closed Following Ransomware Attack: Director Sounds Alarm

Hackers Selling SS7 0-Day Vulnerability on Hacker Forums for $5000

Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware

Critical Microsoft Telnet 0-Click Vulnerability Exposes Windows Credentials

Critical Webmin Vulnerability Let Remote Attackers Escalate Privileges to Root-Level

New Chimera Malware That Outsmarts Antivirus, Firewalls, & Humans

New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code

Oracle VirtualBox Vulnerability Exposes Systems to Privilege Escalation Attacks

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code – PoC Released

Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition

Kali Linux Warns that Update Process is Going to Fail for All Users

SonicWall SSLVPN Vulnerability Let Remote Attackers Crash Firewall Appliances

'Cookie Bite' Entra ID Attack Exposes Microsoft 365

New Phishing Attack Appending Weaponized HTML Files Inside SVG Files

New Phishing Campaign Attacking Investors to Steal Login Credentials

WinRAR “Mark of the Web” Bypass Vulnerability Let Attackers Arbitrary Code

Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control

SonicWall Firewall Vulnerability Exploited to Gain Unauthorized Network Access

Babuk Ransomware Group Claims Attack on Telecommunication Firm Orange

CISA Warns of SonicWall SonicOS RCE Vulnerability Actively Exploited in the Wild

New JavaScript Attack Hijacking Government And University Websites

FlowerStorm “Phishing-as-a-Service” Attacking Microsoft Users With Fake Login Pages

Windows 11 BitLocker Encryption Bypassed To Extract Volume Encryption Keys

Top Challenges Faced by vCISOs and How to Overcome Them

How vCISOs Are Transforming Cybersecurity for Remote and Hybrid Work Environments

How a vCISO Can Help Achieve Compliance with Regulatory Requirements

 Real-Life Cyber Attacks Prevented by VAPT: Success Stories from the Field

The Importance of VAPT in Cybersecurity: Protecting Your Digital Assets

VAPT for Small and Medium Enterprises (SMEs): Why It Matters and How to Get Started

Building a Robust Managed Threat Detection and Response Strategy

The Benefits of Managed Threat Detection and Response

An Introduction to Managed Threat Detection and Response

The Role of Unified SIEM and XDR in Compliance and Risk Management

How Unified SIEM and XDR Enhance Threat Detection and Response

Top 5 Tips for Telecommunication Staffing

Understanding Unified SIEM and XDR: The Future of Cybersecurity

Tackling Staff Shortages with On-Demand Healthcare Staffing

Role of Float Pools in Healthcare Staffing

GDPR Compliance in the E-Commerce Industry: Protecting Customer Data in the Digital Age

SOC 2 Compliance in the Technology Industry: Ensuring Trust and Security

HIPAA Compliance in the Healthcare Industry: Ensuring Patient Privacy in a Digital World

 ISO 27001 Compliance in the Finance Industry: Safeguarding Sensitive Data

PCI-DSS Compliance for the Retail Industry: Staying Ahead in the Era of Digital Transactions

GDPR Compliance: Protecting Personal Data in the EU

HIPAA Compliance: Protecting Health Information

ISO 27001 Compliance: The Gold Standard for Information Security

Understanding PCI-DSS Compliance: Essential for Protecting Payment Data

5 Simple Ways to Protect Data Assets

Automating Threat Hunting

Security for Chatbots

Antivirus Software may not be enough

Securing Remote Work: Best Practices for Remote Access Security

The Role of Managed Security Services in Cyber Defense

The Rise of Ransomware Attacks: How to Defend Against Them

Building a Cyber Incident Response Plan: Key Components and Best Practices

Protecting Your Data: Best Practices for Data Encryption

Understanding the Basics of Penetration Testing

Securing Your Operational Technology Environment: Importance of Cybersecurity and Strategies for Improvement

The Importance of Security Awareness Training for Employees

Enhance Your Organization’s Cybersecurity with iSecurify’s Virtual Chief Information Security Officer (vCISO) Services

Top 10 Cybersecurity Threats Facing Businesses in 2024

Defending Against Phishing and Social Engineering Attacks: The Power of Awareness