Microsoft OneDrive File Picker Bug Exposes Entire Cloud Storage to Third-Party Apps
A security flaw has been discovered in Microsoft’s OneDrive File Picker that could allow third-party apps and websites to access […]
cloud security
CISA Warns of Cloud Attacks Targeting Microsoft 365 App Secrets
Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about possible large-scale cyberattacks targeting Software-as-a-Service (SaaS) applications, especially those
CVE-2024-7399: Critical Samsung MagicINFO Server RCE Flaw Exploited
A security flaw in Samsung’s MagicINFO 9 Server is now being actively used by hackers to hijack systems and install
Critical CVE-2025-2492 ASUS Warns of 9.2-Rated AiCloud Vulnerability
ASUS has confirmed a severe security vulnerability affecting several of its routers that have the AiCloud feature enabled. The company
Severe Apache Parquet Flaw (CVE-2025-30065) Exposes Big Data Systems
A maximum severity remote code execution (RCE) vulnerability has been identified in Apache Parquet, affecting all versions up to and
PostgreSQL Under Attack: Fileless Malware Infects 1,500+ Cloud Servers
Cybercriminals are actively exploiting misconfigured PostgreSQL servers to deploy a fileless cryptominer, with over 1,500 systems compromised. Security researchers at
Massive Oracle Cloud Hack Exposes 140,000 Enterprises: Hackers Demand Ransom
A massive security breach in Oracle Cloud has put over 140,000 enterprise customers at risk. A hacker exploited a vulnerability
NAKIVO Backup Vulnerability Under Attack: CISA Issues Urgent Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over a newly exploited security flaw in NAKIVO Backup
Severe AMI MegaRAC Vulnerability Exposes Data Centers to Attacks
A critical vulnerability in American Megatrends International’s (AMI) MegaRAC Baseboard Management Controller (BMC) software poses a severe risk to data
AWS Users at Risk: whoAMI Attack Enables Remote Code Execution
A new cybersecurity threat called the “whoAMI” attack is putting Amazon Web Services (AWS) users at risk by exploiting name