CISA Adds PHPMailer, Zimbra, and Rails Bugs to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding four high-risk security vulnerabilities to its […]
Security
Canada Bans Hikvision Over National Security Risks: Full Global Impact Explained
In a major move to protect national security, the Government of Canada has officially banned Chinese surveillance company Hikvision from
CISA Warns of SinoTrack GPS Security Bug Allowing Track and Disable Cars
Security researchers have found two major vulnerabilities in SinoTrack GPS tracking devices that put connected vehicles at serious risk. These
Trojanized KeePass Password Manager Targets ESXi Servers
Hackers have been distributing fake versions of the popular KeePass password manager to spread malware and launch ransomware attacks. According
Defendnot Tool Disables Microsoft Defender with Fake Antivirus
A newly discovered tool called Defendnot is making headlines in the cybersecurity world for its ability to turn off Microsoft
SentinelOne EDR Bypassed By Hackers Using EDR Upgrade Flaw
Cyber experts have disclosed a new method that allows hackers to bypass SentinelOne’s Endpoint Detection and Response (EDR) system, putting
Microsoft Adopts Passwordless Sign-In for All New Accounts in 2025
Microsoft has announced that all new Microsoft accounts will now be passwordless by default. This means users creating new accounts
SonicWall SMA Flaws Under Active Attack: Patch Now, Warns CISA
SonicWall has issued a serious warning to users of its Secure Mobile Access (SMA) 100 Series appliances. Two significant security
Hackers Use Zoom to Steal Crypto: How Elusive Comet Tricks Victims in Fake Interviews
A cyber group known as Elusive Comet is using a new kind of social engineering attack that takes advantage of
CVE-2024-48887: Fortinet Warns of Severe Flaw in FortiSwitch Admin Interface
Fortinet, a global leader in cybersecurity solutions, has issued an urgent warning to all users of its FortiSwitch products. The
Cryptojacking via VS Code: Hidden Crypto Miners Found in 300K Devices
A large-scale cryptojacking campaign has been discovered using malicious Visual Studio Code (VS Code) extensions. According to cybersecurity researchers at
Supply Chain Breach: SpotBugs PAT Theft Triggers GitHub Malware Spread
A recent GitHub supply chain attack that initially impacted Coinbase has now been traced back to a deeper issue: the
PostgreSQL Under Attack: Fileless Malware Infects 1,500+ Cloud Servers
Cybercriminals are actively exploiting misconfigured PostgreSQL servers to deploy a fileless cryptominer, with over 1,500 systems compromised. Security researchers at
Quick Machine Recovery: Microsoft’s Solution to Windows 11 Startup Issues
Microsoft is testing a new feature in Windows 11 called Quick Machine Recovery, designed to remotely resolve boot crashes caused
Microsoft’s March Update: 57 Vulnerabilities Fixed, 6 Zero-Days Patched
Microsoft has rolled out its latest Patch Tuesday update, addressing 57 security vulnerabilities, including six zero-day flaws that are currently