Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating…
Cisco SNMP Flaw (CVE-2025-20352) Actively Exploited: Patch Now to Stop Root Access!
Cisco has issued a security advisory warning of a critical flaw in its IOS and IOS XE Software, tracked as CVE-2025-20352 with a CVSS score of…
Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild
Cisco has disclosed a zero-day vulnerability, CVE-2025-20352, in its widely used IOS and IOS XE software, confirming it is being actively…
Apple’s In-House Chips Pave the Way for On-Device AI Revolution
In recent years, Apple has vigorously advanced its strategy of self-developing chips, evolving from the A-series and M-series processors to…
The iPhone Fold is Coming: Apple’s 2026 Strategy Revealed
According to a report by Nikkei Asia, Apple has recently informed its supply chain partners that shipments of the iPhone 18 series, slated for…
1 in 3 Android Apps Leak Sensitive Data
A significant share of mobile applications are exposing sensitive information through insecure APIs, leaving users and businesses vulnerable…
Google Confirms Real-World Attacks on Chrome Vulnerability CVE-2025-10585
Google has issued an urgent security alert for all users of its Chrome browser, confirming that an active exploit targeting a critical…
CVE-2025-43300: Apple’s Critical Zero-Day ImageIO Vulnerability
IntroductionSecurity researchers and Apple users alike are on high alert following the discovery and active exploitation of…
Apple Fixes 0-Day Vulnerabilities in Older version of iPhones and iPad
Apple has released iOS 16.7.12 and iPadOS 16.7.12 on September 15, 2025, delivering critical security updates to older-generation…
Apple 0-day likely used in spy attacks affected devices as old as iPhone 8
Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in…
Apple backports zero-day patches to older iPhones and iPads
Apple has released security updates to backport patches released last month to older iPhones and iPads, addressing a zero-day bug that…
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in…
Chrome’s New Preloading is a Game-Changer
Google has long experimented with prerendering technology in Chrome to accelerate page loading by rendering content in advance so that pages…
Apple Ends iCloud Support for Older Devices
According to Apple’s newly published support documentation, devices running iOS 10 or macOS 10.12 no longer meet the minimum system…
Why The Open Web Application Security Project (OWASP) Mobile Application Security (MAS) Project Is Critical
The OWASP MAS project continues to lead the way in mobile application security. This article describes the resources and tools which have…
Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages
Samsung has fixed a critical flaw that affects its Android devices - but not before attackers found and exploited the bug, which could allow…
France Warns Apple Users of New Spyware Campaign
Apple recently issued a spyware campaign alert, according to the French Computer Emergency Response Team (CERT-FR). The national incident…
Apple warns customers targeted in recent spyware attacks
Apple warned customers last week that their devices were targeted in a new series of spyware attacks, according to the French…
ChillyHell macOS Malware Resurfaces, Using Google.com as a Decoy
A previously dormant macOS threat, ChillyHell, is reviving. Read how this malware can bypass security checks, remain hidden, and install…
Apple CarPlay Exploited To Gain Root Access By Executing Remote Code
At the recent DefCon security conference, researchers demonstrated a critical exploit chain that allows attackers to gain root access on…
Cursor Autorun Flaw Lets Repositories Execute Code Without Consent
A newly disclosed flaw in the Cursor extension allows repositories to automatically execute code when a folder is opened, even without a…
Apple’s “Most Significant Upgrade” to iPhone Security Is Here
Ddos September 10, 2025 Apple Security Engineering and Architecture (SEAR) has unveiled Memory Integrity Enforcement (MIE), an always-on,…
The MacBook Pro Is Getting an OLED Display, But There’s a Catch
Ddos September 10, 2025 According to a report from South Korean outlet The Elec, Apple is preparing to adopt OLED displays in its upcoming…
NVIDIA’s Newest Acquisition: The AI Programming Startup That’s Set to Reshape Development
Ddos September 10, 2025 NVIDIA has recently acquired Solver, an AI programming startup founded in 2022, as part of its strategy to strengthen…
Apple Watch Series 11: A New Era of Health and Connectivity
Ddos September 10, 2025 Apple has officially unveiled the Apple Watch Series 11, now equipped with a more scratch-resistant display glass, 5G…
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no…
Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE
Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite.…
Zoom Security Update – Patch for Multiple Vulnerabilities in Clients for Windows and macOS
Zoom released a security update addressing multiple vulnerabilities in its software, including Zoom Workplace and various clients for Windows…
CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6
Ddos September 9, 2025 Rockwell Automation has issued a security advisory for a critical vulnerability in its Stratix industrial Ethernet…
WhatsApp warns of 'attack against specific targeted users'
Infosec In brief A flaw in Meta’s WhatsApp app “may have been exploited in a sophisticated attack against specific targeted…
WhatsApp 0-Day Exploited in Attacks on Targeted iOS and macOS Users
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The flaw was used to…
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server…
WhatsApp’s Zero-Click Vulnerability and Targeted Spyware Attacks
A newly discovered critical vulnerability has put WhatsApp users across the globe on high alert. CVE-2025-55177, patched in August 2025, was a…
MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months
Ddos August 30, 2025 XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in…
A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks
Ddos August 29, 2025 Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to…
WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users
A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific…
Innovator Spotlight: ManageEngine
Unifying IT Management and Security with ManageEngine In today’s digital landscape, IT can feel like juggling flaming torches, one…
Google Big Sleep AI Tool Finds Critical Chrome Vulnerability
Google has patched a critical graphics library vulnerability in the Chrome browser, discovered by its AI-powered detection tool, Google Big…
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
The UK, US and partners from across the globe have released a new report on the notorious Chinese APT group Salt Typhoon, claiming it has…
CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA, FBI, and a broad coalition of international partners, has…
Chinese State Hackers Target Global Critical Infrastructure, NSA Warns
A coalition of cybersecurity and intelligence agencies from across the globe, including the United States National Security Agency (NSA), has…
NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation
NVIDIA has issued a critical security bulletin addressing a high-severity vulnerability in its NeMo Curator platform that could allow…