As enterprises race to embrace digital transformation, many find themselves shackled to legacy systems—aging yet mission-critical technologies that power core business operations. While these systems often function reliably for their intended tasks, their outdated architectures expose organizations to security risks…
Tag: Cyber Security News
CISOs Role in Driving Secure Digital Transformation
As cybercrime costs surge toward an estimated $10.5 trillion annually by 2025, Chief Information Security Officers (CISOs) are stepping out of the shadows to become pivotal leaders in driving secure digital transformation across organizations worldwide. These security executives are no…
10-Year-Old Roundcube RCE Vulnerability Let Attackers Execute Malicious Code
A decade-old critical security vulnerability has been discovered in Roundcube Webmail that could allow authenticated attackers to execute arbitrary code on vulnerable systems, potentially affecting millions of installations worldwide. The flaw, tracked as CVE-2025-49113, carries an alarming CVSS score of…
What Is Cyber Threat Intelligence: Quick Guide For CISOs
Cyber threat intelligence (CTI) is the practice of collecting, analyzing, and transforming data about cyber threats into actionable insights to protect organizations. For Chief Information Security Officers (CISOs), understanding and leveraging threat intelligence is crucial to safeguarding organizational assets and…
Android Security Update – Patch for Vulnerabilities that Allows Privilege Escalation
Google has released a comprehensive security update for Android devices addressing multiple high-severity vulnerabilities that could allow privilege escalation and remote code execution. The update targets critical flaws across major hardware vendors, including Arm, Imagination Technologies, and Qualcomm, with many…
New Safari XSS Flaw Leverages JavaScript Error Handling to Execute Arbitrary Code
A new cross-site scripting (XSS) vulnerability in Safari that exploits the browser’s TypeError exception handling mechanism to execute arbitrary JavaScript code. The flaw, discovered during Gareth Heyes research into payload concealment techniques, demonstrates how Safari’s improper handling of quote escaping…
Aembit Expands Workload IAM to Microsoft Ecosystem, Enhancing Hybrid Security for Non-Human Identities
Aembit, the workload identity and access management (IAM) company, today announced a major expansion of its platform to support Microsoft environments. With this launch, enterprises can now enforce secure, policy-based access for software workloads and agentic AI running on Windows…
Microsoft Edge for Android Adds InPrivate Tab Locking with PIN & Bio Authentication
Microsoft Edge for Android is rolling out an enhanced privacy feature that allows users to secure their InPrivate browsing sessions with PIN codes or biometric authentication when switching away from the app, bringing the browser in line with similar functionality…
Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript
A sophisticated cryptocurrency theft campaign has emerged on the npm package registry, targeting developers and cryptocurrency users through malicious packages designed to drain Ethereum and Binance Smart Chain wallets. The attack leverages heavily obfuscated JavaScript code to steal up to…
Beware of Fake Booking.com Sites That Infects Your Devices With AsyncRAT
Cybercriminals have launched a sophisticated campaign targeting travelers through fake Booking.com websites that deploy AsyncRAT malware, according to recent security research. The threat actors redirect users from gaming sites, social media platforms, and sponsored advertisements to convincing replica booking sites…