Microsoft Adopts Passwordless Sign-In for All New Accounts in 2025
Microsoft has announced that all new Microsoft accounts will now be passwordless by default. This means users creating new accounts […]
SonicWall SMA Flaws Under Active Attack: Patch Now, Warns CISA
SonicWall has issued a serious warning to users of its Secure Mobile Access (SMA) 100 Series appliances. Two significant security
Warning: Malicious WordPress Plugin Provides Remote Admin Access
WordPress website owners are being targeted by a new malware campaign that disguises itself as a legitimate security plugin. This
Proton Mail Banned in India After AI Powered Deepfake Email Scandal
In a significant move, the Karnataka High Court has directed the Indian government to block access to Proton Mail, a
Google: Nearly Half of 2024’s Zero-Day Exploits Targeted Security Tools
Google has revealed that 75 zero-day vulnerabilities were actively exploited by cyber attackers in 2024. This marks a decrease from
Kali Linux Update Failures: New Signing Key Installation Guide
Offensive Security (OffSec), the team behind Kali Linux, has issued an important warning to all users: update failures will happen
New WooCommerce Phishing Attack Installs Malware on WordPress Websites
A new phishing campaign is targeting WooCommerce admins by sending fake security alerts. The emails trick users into downloading a
Zero-Day SAP Vulnerability CVE-2025-31324 Under Active Attack, Patch Now!
A newly discovered vulnerability in SAP NetWeaver is being actively exploited by cybercriminals to plant malicious web shells and deploy
Critical Commvault Flaw (CVE-2025-34028) Lets Hackers Execute Code Remotely
A serious vulnerability has been discovered in Commvault Command Center, putting many systems at risk of being fully compromised by
Hackers Use Zoom to Steal Crypto: How Elusive Comet Tricks Victims in Fake Interviews
A cyber group known as Elusive Comet is using a new kind of social engineering attack that takes advantage of
Scallywag Scam: 1.4 Billion Daily Fake Ads Linked to WordPress Sites
A major online ad fraud operation known as Scallywag has been uncovered, showing how cybercriminals abused WordPress plugins to trick
Hackers Exploit Google OAuth to Send Verified Phishing Emails
In a sophisticated phishing campaign (using google Oauth), hackers have discovered a way to send fake emails that appear to
Critical CVE-2025-2492 ASUS Warns of 9.2-Rated AiCloud Vulnerability
ASUS has confirmed a severe security vulnerability affecting several of its routers that have the AiCloud feature enabled. The company
Windows Flaw CVE-2025-24054 Actively Exploited to Steal NTLM Passwords
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Windows security flaw, CVE-2025-24054, to its Known Exploited
Apache Roller Vulnerability (CVE-2025-24859) Allows Unauthorized Access After Password Reset
A critical security vulnerability has been discovered in Apache Roller, a widely used open-source Java-based blogging server, which puts websites