Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI
Huntress has sounded the alarm over active exploitation of a newly discovered Local File Inclusion (LFI) in Gladinet CentreStack and Triofox…
NVIDIA GPU Driver Patches Multiple High-Severity Flaws Risking RCE and Privilege Escalation
NVIDIA has released an important software update for its GPU Display Driver, addressing multiple that could lead to code execution, privilege…
DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks
Cisco Talos has confirmed that ransomware operators are now abusing Velociraptor, an open-source digital forensics and incident response…
High Number of Windows 10 Users Remain as End-of-Life Looms
A significant proportion individual users and organizations still run the Windows 10 operating system, just days before it reaches its…
Micropatches Released for Windows Storage Spoofing Vulnerability (CVE-2025-49760)
July 2025 Windows Updates brought a patch for CVE-2025-49760, a local privilege escalation vulnerability allowing a local unprivileged…
Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing
In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. While fuzzing RFA files, he found the…
Data Loss, Monetary Damage, and Reputational Harm: How Unsanctioned AI Hurts Companies and 6 Mitigation Strategies
The emergence of AI represents a workplace revolution, transforming virtually every industry and reshaping the daily experiences and…
Nezha Tool Used in New Cyber Campaign Targeting Web Applications
A newly uncovered cyber campaign featuring the open-source tool Nezha has been observed targeting vulnerable web applications. Beginning in…
Critical AWS ClientVPN for macOS Vulnerability Let Attackers Escalate Privileges
A critical flaw in the AWS Client VPN for macOS has been disclosed, presenting a local privilege escalation risk to non-administrator…
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens
Cybersecurity researchers at Point Wild’s Lat61 Threat Intelligence Team have found a new infostealer called Shuyal Stealer, a malware…
Multiple Chrome Vulnerabilities Expose Users to Arbitrary Code Execution Attacks
Google has released Chrome version 141.0.7390.65/.66 for Windows and Mac, along with 141.0.7390.65 for Linux, addressing multiple critical…
Microsoft Signs 100 MW Solar PPA with Shizen Energy to Power AI in Japan
Microsoft continues to advance its renewable energy transition in Japan, having recently confirmed the signing of three new solar Power…
Chrome 141 Stable Fixes Two High-Severity Flaws: Heap Overflow in Sync and UAF in Storage
Google has released a new Stable Channel update for Chrome 141.0.7390.65/.66 on Windows and macOS and 141.0.7390.65 for Linux, addressing…
Qilin Ransomware Gang Claims Asahi Cyber-Attack
The Qilin ransomware group has claimed responsibility for the cyber-attack on Japan’s Asahi Group and says it has stolen sensitive data…
Attackers Deployed Medusa Ransomware via GoAnywhere MFT Zero-Day
Cybercriminals exploited a critical deserialization flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) tool—tracked as…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of…
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Microsoft: Running multiple Office apps causes Copilot issues
Microsoft is investigating a bug that causes Copilot issues when multiple Office apps are running simultaneously on the same system. According…
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on…
Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine…
Unity Real-Time Development Platform Vulnerability Let Attackers Execute Arbitrary Code
Unity Technologies has issued a critical security advisory warning developers about a high-severity vulnerability affecting its widely used…
500X Surge in Scanning Targets Palo Alto and Cisco ASA
Enterprise security teams are on high alert after an extraordinary 500% spike in mass scanning activity was detected against Palo Alto…
Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor
The Confucius group, a long-running cyber-espionage actor first identified in 2013, has resurfaced with a new wave of operations across South…
Confucius Shifts from Document Stealers to Python Backdoors
A long-running cyber-espionage group known as Confucius has introduced new techniques in its campaigns against Microsoft Windows users. First…
Rethinking NHI Security: The Essential Shift to Zero Trust Security and Ephemeral Identities
As identity security becomes increasingly critical in cybersecurity, the focus has shifted from safeguarding human identities to…
Malicious ZIP Files Use Windows Shortcuts to Drop Malware
A new wave of phishing attacks has been detected by the cybersecurity research firm, Blackpoint Cyber, that is exploiting users’ trust…
Chrome Security Update – Patch for 21 Vulnerabilities that Allows Attackers to Crash Browser
Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers…
Critical Flaw in Termix Docker Image (CVE-2025-59951) Leaks SSH Credentials Without Authentication
The Termix project has disclosed a critical authentication bypass in its official Docker image, exposing sensitive SSH configuration data…
Chrome 141 Stable Channel Update Patches High-Severity Vulnerabilities (CVE-2025-11205 & CVE-2025-11206)
The Chrome team has announced the promotion of Chrome 141 to the Stable Channel for Windows, Mac, and Linux. The release—version…
CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application
The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued a advisory warning of a critical in the Megasys Telenium Online Web…
Shortcut-based Credential Lures Deliver DLL Implants
A campaign that packages credential-themed ZIP archives with malicious Windows shortcut (.lnk) files has been tracked by cybersecurity…
New China-Aligned Hackers Hit State and Telecom Sectors
A newly identified cyber espionage group has been targeting government and telecommunications organizations across Africa, the Middle East and…
NVIDIA Patches Multi Flaws in Delegated License Service, Allows Unauthenticated Access and DoS
NVIDIA has issued a bulletin addressing multiple across the NVIDIA App for Windows and the Delegated License Service (DLS) component of the…
Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform
The Apache Software Foundation has published a new advisory disclosing three in Apache Kylin, a high-concurrency OLAP engine widely used for…
Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access
The of the open-source software supply chain was once again tested when JFrog’s research team uncovered a malicious package on PyPI. The…
Chinese hackers exploiting VMware zero-day since October 2024
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has…
Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web
Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new…
China-linked RedNovember Campaign Shows Importance of Patching Edge Devices
A long-running threat campaign linked to a Chinese state-sponsored cyber-espionage group highlights the importance of patching and protecting…
AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
A credential phishing campaign that likely relied on AI-generated code to evade detection has been stopped by Microsoft Threat Intelligence.…
Inside the Mind of a Threat Actor: What CISOs Must Learn Before the Next Breach
Cybersecurity isn’t a game of defense—it’s a game of anticipation. Yet too many CISOs and security leaders still think in…