CVE-2024-7399: Critical Samsung MagicINFO Server RCE Flaw Exploited
A security flaw in Samsung’s MagicINFO 9 Server is now being actively used by hackers to hijack systems and install […]
Alert
SonicWall SMA Flaws Under Active Attack: Patch Now, Warns CISA
SonicWall has issued a serious warning to users of its Secure Mobile Access (SMA) 100 Series appliances. Two significant security
Warning: Malicious WordPress Plugin Provides Remote Admin Access
WordPress website owners are being targeted by a new malware campaign that disguises itself as a legitimate security plugin. This
Critical Commvault Flaw (CVE-2025-34028) Lets Hackers Execute Code Remotely
A serious vulnerability has been discovered in Commvault Command Center, putting many systems at risk of being fully compromised by
Critical CVE-2025-2492 ASUS Warns of 9.2-Rated AiCloud Vulnerability
ASUS has confirmed a severe security vulnerability affecting several of its routers that have the AiCloud feature enabled. The company
Apache Roller Vulnerability (CVE-2025-24859) Allows Unauthorized Access After Password Reset
A critical security vulnerability has been discovered in Apache Roller, a widely used open-source Java-based blogging server, which puts websites
Pakistan-Linked SideCopy APT Strikes Indian Government Agencies
A well-known hacker group named SideCopy APT is targeting Indian government ministries and critical infrastructure with dangerous cyberattacks. According to
CVE-2025-3102: OttoKit WordPress Plugin Exploit Gives Hackers Full Site Control
A serious security vulnerability in the popular OttoKit WordPress plugin (formerly known as SureTriggers) is being actively exploited by hackers
CVE-2024-48887: Fortinet Warns of Severe Flaw in FortiSwitch Admin Interface
Fortinet, a global leader in cybersecurity solutions, has issued an urgent warning to all users of its FortiSwitch products. The
Cryptojacking via VS Code: Hidden Crypto Miners Found in 300K Devices
A large-scale cryptojacking campaign has been discovered using malicious Visual Studio Code (VS Code) extensions. According to cybersecurity researchers at
CVE-2025-22457: Ivanti Connect Secure Zero-Day and Chinese APT Group
Ivanti has rolled out important security patches for a serious vulnerability in its Connect Secure VPN appliances. The flaw, tracked
Hackers Use GitHub C2 and Call Stack Spoofing in Latest Malware Attacks
Cybersecurity researchers have uncovered an updated version of the malware loader known as Hijack Loader, which incorporates advanced techniques to
Google Patches High-Severity Chrome Vulnerability: CVE-2025-2783
Google has released an urgent security update to fix a high-severity zero-day vulnerability in its Chrome browser. The flaw, tracked
CVE-2025-29927: Next.js Vulnerability Exposes Websites to Authorization Bypass
A vulnerability in Next.js, an open-source React framework, could allow attackers to bypass authorization mechanisms, exposing web applications to security
Massive Oracle Cloud Hack Exposes 140,000 Enterprises: Hackers Demand Ransom
A massive security breach in Oracle Cloud has put over 140,000 enterprise customers at risk. A hacker exploited a vulnerability