Kibana Security Flaw (CVE-2025-25012): Elastic Issues Critical Fix
Elastic has released an urgent security update to fix a critical vulnerability in Kibana, the popular data visualization dashboard for […]
Alert
Critical VMware Vulnerabilities: CISA Mandates Immediate Patching
Broadcom has issued urgent security updates to address three critical vulnerabilities in VMware ESXi, Workstation, and Fusion that are actively
Critical Paragon Driver Flaw (CVE-2025-0289) Used in Ransomware Campaigns
Hackers are actively exploiting a security vulnerability in the Paragon Partition Manager’s BioNTdrv.sys driver, using it in ransomware attacks to
Stealthy Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access
A new Linux malware, dubbed Auto-Color, has been actively targeting universities and government organizations across North America and Asia between
Truesight.sys Driver Abused to Bypass EDR and Deliver HiddenGh0st RAT
Attackers have reportedly exploited a vulnerable Windows driver, Truesight.sys, to bypass Endpoint Detection and Response (EDR) systems and deploy the
Chinese Salt Typhoon Hackers Exploit Cisco Flaw CVE-2018-0171 to Target U.S. Telecoms
Cisco has confirmed that a Chinese state-backed hacking group, known as Salt Typhoon, exploited a known security vulnerability (CVE-2018-0171) to
Signal Users Targeted in New QR Code Phishing Attacks
Cybercriminals aligned with Russia have been actively exploiting the linked devices feature in Signal, the popular privacy-focused messaging app, to
Golang-Based Malware Uses Telegram to Evade Detection
A Golang-based backdoor is leveraging Telegram for command-and-control (C2) communications, making it harder to detect and mitigate. Cybersecurity researchers at
High-Severity Palo Alto PAN-OS Vulnerability Alert: CVE-2025-0108
Palo Alto Networks has released crucial security updates to fix a high-severity vulnerability in its PAN-OS software that could allow
CVE-2025-24200: Apple Patches Zero-Day Exploit Targeting iPhones
Apple has released out-of-band security updates on Monday to address a critical vulnerability in iOS and iPadOS. This zero-day flaw,
Zimbra Issues Critical Security Patches for SQL Injection, XSS, and SSRF Flaws
Zimbra, a widely used collaboration and email platform, has released a series of critical security updates to patch vulnerabilities that
Critical Trimble Cityworks Flaw Under Attack: CISA Issues Urgent Alert
Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited security vulnerability in Trimble Cityworks,
Critical Veeam Flaw Exposes Backup Systems to Remote Code Execution
Veeam has released security patches to fix a critical vulnerability in its Backup software that could allow attackers to execute
Lightning AI Security Breach: Hidden URL Parameter Could Have Given Hackers Root Access
Cybersecurity researchers have uncovered a critical vulnerability in the Lightning AI Studio development platform that could have enabled remote code
J-magic Backdoor: Juniper Routers Under Attack by Magic Packet Exploit
Juniper Networks, a key provider of enterprise-grade networking solutions, has become the focal point of a sophisticated cyber campaign labeled