CVE-2025-3102: OttoKit WordPress Plugin Exploit Gives Hackers Full Site Control
A serious security vulnerability in the popular OttoKit WordPress plugin (formerly known as SureTriggers) is being actively exploited by hackers […]
CVE-2025-30406: CentreStack Vulnerability Lets Hackers Remotely Control Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious security vulnerability affecting Gladinet CentreStack,
CVE-2024-48887: Fortinet Warns of Severe Flaw in FortiSwitch Admin Interface
Fortinet, a global leader in cybersecurity solutions, has issued an urgent warning to all users of its FortiSwitch products. The
Google Fixes Two Actively Exploited Android Bugs in April 2025 Update
Google has rolled out its April 2025 Android security update, fixing a total of 62 vulnerabilities, including two high-severity flaws
Cryptojacking via VS Code: Hidden Crypto Miners Found in 300K Devices
A large-scale cryptojacking campaign has been discovered using malicious Visual Studio Code (VS Code) extensions. According to cybersecurity researchers at
CVE-2025-22457: Ivanti Connect Secure Zero-Day and Chinese APT Group
Ivanti has rolled out important security patches for a serious vulnerability in its Connect Secure VPN appliances. The flaw, tracked
Supply Chain Breach: SpotBugs PAT Theft Triggers GitHub Malware Spread
A recent GitHub supply chain attack that initially impacted Coinbase has now been traced back to a deeper issue: the
Severe Apache Parquet Flaw (CVE-2025-30065) Exposes Big Data Systems
A maximum severity remote code execution (RCE) vulnerability has been identified in Apache Parquet, affecting all versions up to and
Hackers Use GitHub C2 and Call Stack Spoofing in Latest Malware Attacks
Cybersecurity researchers have uncovered an updated version of the malware loader known as Hijack Loader, which incorporates advanced techniques to
PostgreSQL Under Attack: Fileless Malware Infects 1,500+ Cloud Servers
Cybercriminals are actively exploiting misconfigured PostgreSQL servers to deploy a fileless cryptominer, with over 1,500 systems compromised. Security researchers at
Google Introduces End-to-End Encryption for Enterprise Gmail Users
Google has introduced a major security upgrade for enterprise Gmail users, enabling them to send end-to-end encrypted (E2EE) emails across
Malware in WordPress: Hackers Exploit mu-Plugins to Hijack Images and Links
Cybercriminals are exploiting a little-known feature in WordPress known as “mu-plugins” to inject malicious code, enabling persistent access to infected
Quick Machine Recovery: Microsoft’s Solution to Windows 11 Startup Issues
Microsoft is testing a new feature in Windows 11 called Quick Machine Recovery, designed to remotely resolve boot crashes caused
Mozilla Fixes High-Risk Firefox Vulnerability Similar to Chrome’s Zero-Day
Mozilla has rolled out critical security updates for its Firefox browser on Windows, addressing a severe vulnerability that could allow
Google Patches High-Severity Chrome Vulnerability: CVE-2025-2783
Google has released an urgent security update to fix a high-severity zero-day vulnerability in its Chrome browser. The flaw, tracked