Malware Abuse of Windows UI Automation Framework Exposes EDR Blindspots
A new malware technique leverages Windows’ UI Automation (UIA) framework, enabling stealthy malicious operations while bypassing endpoint detection and response […]
Zero-Day Exploit in Cleo File Transfer Tools Sparks Global Security Alert
Cybersecurity experts are sounding the alarm after discovering widespread exploitation of a critical vulnerability in Cleo-managed file transfer software, affecting
AI Security Alert: Prompt Injection Flaws Exposed in DeepSeek and Claude AI
Recent discoveries have shed light on critical prompt injection vulnerabilities in AI-powered tools like DeepSeek and Anthropic’s Claude AI. If
Windows Zero-Day Exposes NTLM Credentials
A newly discovered Windows zero-day vulnerability has surfaced, enabling attackers to steal NTLM credentials with minimal user interaction. The flaw,
Mitel Patches Severe MiCollab Flaw Allowing Admin Access
A critical vulnerability in Mitel’s MiCollab software, now patched, has been revealed to enable attackers to gain unauthorized access to
Cloudflare Domains Exploited: A 250% Surge in Cyber Threats
Cloudflare’s developer platforms, including pages.dev and workers.dev, are increasingly exploited by cybercriminals for phishing and other malicious activities. These domains,
BootKitty: The First Linux UEFI Bootkit Exploiting the LogoFAIL Flaw
A new form of UEFI malware, named BootKitty, has been discovered targeting Linux systems by exploiting a serious vulnerability known
Critical Flaws Found in Advantech Industrial Wi-Fi Access Points
Over 20 security vulnerabilities are discovered in Advantech EKI industrial Wi-Fi access points, with several posing critical risks. These flaws
Critical Flaws in WordPress Anti-Spam Plugin Put Over 200,000 Sites at Risk
Two critical vulnerabilities in the widely used WordPress plugin, Spam protection, Anti-Spam, and FireWall by CleanTalk, have been discovered, potentially
Russian RomCom Exploits Zero-Day Flaws in Firefox and Windows
In a sophisticated wave of cyberattacks, a Russia linked threat group RomCom has exploited two zero-day vulnerabilities—one in Mozilla Firefox
Hackers Exploit Avast Anti-Rootkit Driver to System Takeover
In a concerning development, cybercriminals are leveraging an old, vulnerable version of Avast’s Anti-Rootkit driver to disable security defenses and
Critical Infrastructure Security: Over 145,000 ICS Systems Exposed Online
New research highlights a major cybersecurity concern: over 145,000 Industrial Control Systems (ICS) are currently exposed to the internet across
Apple Urges Users to Update Devices Amid Active Zero-Day Exploits
Apple has rolled out critical security updates for its ecosystem, covering iOS, iPadOS, macOS, visionOS, and the Safari browser. These
PAN-OS Firewall Vulnerability Actively Exploited: Its Critical
Palo Alto Networks has confirmed active exploitation of a critical zero-day vulnerability in its PAN-OS firewall management interface. This flaw,
Microsoft Patches Exploited Zero-Day Windows Vulnerability Targeting Ukraine
Microsoft has reportedly patched a zero-day vulnerability in Windows, which has been exploited in ongoing cyberattacks targeting Ukrainian organizations. The