Kibana Security Flaw (CVE-2025-25012): Elastic Issues Critical Fix
Elastic has released an urgent security update to fix a critical vulnerability in Kibana, the popular data visualization dashboard for […]
Critical VMware Vulnerabilities: CISA Mandates Immediate Patching
Broadcom has issued urgent security updates to address three critical vulnerabilities in VMware ESXi, Workstation, and Fusion that are actively
Critical Paragon Driver Flaw (CVE-2025-0289) Used in Ransomware Campaigns
Hackers are actively exploiting a security vulnerability in the Paragon Partition Manager’s BioNTdrv.sys driver, using it in ransomware attacks to
Phishing CAPTCHA PDFs Deliver Lumma Stealer Malware via Webflow and GoDaddy
A phishing campaign has been uncovered that uses fake CAPTCHA images embedded in PDF documents to distribute the Lumma Stealer
Stealthy Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access
A new Linux malware, dubbed Auto-Color, has been actively targeting universities and government organizations across North America and Asia between
Truesight.sys Driver Abused to Bypass EDR and Deliver HiddenGh0st RAT
Attackers have reportedly exploited a vulnerable Windows driver, Truesight.sys, to bypass Endpoint Detection and Response (EDR) systems and deploy the
Chinese Salt Typhoon Hackers Exploit Cisco Flaw CVE-2018-0171 to Target U.S. Telecoms
Cisco has confirmed that a Chinese state-backed hacking group, known as Salt Typhoon, exploited a known security vulnerability (CVE-2018-0171) to
Signal Users Targeted in New QR Code Phishing Attacks
Cybercriminals aligned with Russia have been actively exploiting the linked devices feature in Signal, the popular privacy-focused messaging app, to
Golang-Based Malware Uses Telegram to Evade Detection
A Golang-based backdoor is leveraging Telegram for command-and-control (C2) communications, making it harder to detect and mitigate. Cybersecurity researchers at
AWS Users at Risk: whoAMI Attack Enables Remote Code Execution
A new cybersecurity threat called the “whoAMI” attack is putting Amazon Web Services (AWS) users at risk by exploiting name
High-Severity Palo Alto PAN-OS Vulnerability Alert: CVE-2025-0108
Palo Alto Networks has released crucial security updates to fix a high-severity vulnerability in its PAN-OS software that could allow
CVE-2025-24200: Apple Patches Zero-Day Exploit Targeting iPhones
Apple has released out-of-band security updates on Monday to address a critical vulnerability in iOS and iPadOS. This zero-day flaw,
Zimbra Issues Critical Security Patches for SQL Injection, XSS, and SSRF Flaws
Zimbra, a widely used collaboration and email platform, has released a series of critical security updates to patch vulnerabilities that
DeepSeek Under Fire for Transmitting Sensitive Data Without Encryption
A recent security audit of the popular DeepSeek mobile application for Apple iOS has uncovered severe vulnerabilities that pose significant
Critical Trimble Cityworks Flaw Under Attack: CISA Issues Urgent Alert
Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited security vulnerability in Trimble Cityworks,