Hackers Use Zoom to Steal Crypto: How Elusive Comet Tricks Victims in Fake Interviews
A cyber group known as Elusive Comet is using a new kind of social engineering attack that takes advantage of […]
Scallywag Scam: 1.4 Billion Daily Fake Ads Linked to WordPress Sites
A major online ad fraud operation known as Scallywag has been uncovered, showing how cybercriminals abused WordPress plugins to trick
Hackers Exploit Google OAuth to Send Verified Phishing Emails
In a sophisticated phishing campaign (using google Oauth), hackers have discovered a way to send fake emails that appear to
Critical CVE-2025-2492 ASUS Warns of 9.2-Rated AiCloud Vulnerability
ASUS has confirmed a severe security vulnerability affecting several of its routers that have the AiCloud feature enabled. The company
Windows Flaw CVE-2025-24054 Actively Exploited to Steal NTLM Passwords
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Windows security flaw, CVE-2025-24054, to its Known Exploited
Apache Roller Vulnerability (CVE-2025-24859) Allows Unauthorized Access After Password Reset
A critical security vulnerability has been discovered in Apache Roller, a widely used open-source Java-based blogging server, which puts websites
Pakistan-Linked SideCopy APT Strikes Indian Government Agencies
A well-known hacker group named SideCopy APT is targeting Indian government ministries and critical infrastructure with dangerous cyberattacks. According to
Google Chrome 136 Update Stops Websites from Tracking Your Browsing History
Google has finally addressed a major privacy flaw in its Chrome browser that allowed websites to track a user’s browsing
Microsoft Defender Now Blocks Unknown Devices to Stop Cyberattacks
Microsoft is rolling out a new security feature in its Defender for Endpoint platform designed to block cyberattacks before they
CVE-2025-3102: OttoKit WordPress Plugin Exploit Gives Hackers Full Site Control
A serious security vulnerability in the popular OttoKit WordPress plugin (formerly known as SureTriggers) is being actively exploited by hackers
CVE-2025-30406: CentreStack Vulnerability Lets Hackers Remotely Control Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious security vulnerability affecting Gladinet CentreStack,
CVE-2024-48887: Fortinet Warns of Severe Flaw in FortiSwitch Admin Interface
Fortinet, a global leader in cybersecurity solutions, has issued an urgent warning to all users of its FortiSwitch products. The
Google Fixes Two Actively Exploited Android Bugs in April 2025 Update
Google has rolled out its April 2025 Android security update, fixing a total of 62 vulnerabilities, including two high-severity flaws
Cryptojacking via VS Code: Hidden Crypto Miners Found in 300K Devices
A large-scale cryptojacking campaign has been discovered using malicious Visual Studio Code (VS Code) extensions. According to cybersecurity researchers at
CVE-2025-22457: Ivanti Connect Secure Zero-Day and Chinese APT Group
Ivanti has rolled out important security patches for a serious vulnerability in its Connect Secure VPN appliances. The flaw, tracked