Critical Ivanti Connect Secure Vulnerability Under Active Exploitation by Chinese Hackers
A critical security vulnerability in Ivanti Connect Secure VPN appliances ( CVE-2025-22457 ) is being actively exploited by suspected Chinese state-…
Security
Europol Shuts Down Massive Child Exploitation Website "Kidflix"
In a sweeping international operation, law enforcement agencies across 35 countries have successfully dismantled Kidflix, one of the world’s largest …
Researchers Uncover Three Bypasses of Ubuntu's Namespace Restrictions
Security researchers at Qualys have identified three methods to bypass Ubuntu's unprivileged user namespace restrictions, a security feature intr…
Gmail's New End-to-End Encryption for Enterprise Users
In celebration of Gmail’s birthday , Google has announced a significant advancement in email security that democratizes end-to-end encryption (E2EE) …
Critical Authentication Bypass Vulnerability Discovered in CrushFTP
A severe authentication bypass vulnerability has been identified in CrushFTP, a popular multi-protocol file transfer server used by many organization…
BLASTPASS Explained: How NSO’s WebP Zero-Day Exploit Hacked iPhones Silently
In September 2023, Apple rushed to patch a critical vulnerability after researchers uncovered an alarming zero-click exploit chain attributed to…
Kaspersky Uncovers New Chrome 0-Day Actively Exploited
In the latest discovery, Kaspersky Lab exposed a highly sophisticated cyber attack, dubbed “ Operation ForumTroll ,” that leverages a critical zero-d…
IngressNightmare - Critical RCE Vulnerabilities Expose Kubernetes Clusters
Cybersecurity researchers at Wiz ( recently acquired by Google ) have uncovered multiple severe vulnerabilities in the Ingress NGINX Controller for K…
Oracle Cloud Security Breach Exposes 6 Million Records Affecting 140,000 Tenants
A significant security breach at Oracle Cloud has been reported, with a cybercriminal claiming to have stolen approximately 6 million records from Or…
Auth Bypass Vulnerability Disclosed in Next.js Middleware
A critical security vulnerability has been identified in Next.js, the popular React framework, which could allow attackers to bypass authorization ch…
Zero-Click WhatsApp Exploit Used in Paragon Spyware Attacks
In a groundbreaking investigation, Citizen Lab has uncovered a sophisticated spyware operation leveraging a zero-click exploit in WhatsApp to target…
Email Marketing Security: How to Protect Customer Data from Cyber Threats
According to recent studies , email marketing continues to deliver impressive ROI for businesses across industries, with an average return of $36 for…
Chinese APT Group MirrorFace Expands Operations to Europe, Revives ANEL Backdoor
ESET researchers have uncovered a significant shift in tactics by the China-aligned advanced persistent threat (APT) group MirrorFace , which has exp…
Critical Windows Vulnerability Leaks NTLM Hashes Without User Interaction
Security researchers have discovered and documented a critical Windows vulnerability (CVE-2025-24071) that enables attackers to steal authentication …
The Rise of Deepfake Scams: How to Protect Your Finances
The rapid expansion of deepfake technology has introduced a new dimension to financial fraud, posing significant threats to individuals and organizat…
Microsoft's March 2025 Update Patches Critical Zero-Day Exploited via PipeMagic Backdoor
Microsoft's March 2025 Patch Tuesday has addressed 57 security flaws, including seven zero-day vulnerabilities— six of which were already being a…