Cybersecurity defenders face increasingly sophisticated adversaries as threat actors continue evolving their methods to circumvent modern defense systems. According to the newly released M-Trends 2025 report, attackers are demonstrating enhanced capabilities to create custom malware ecosystems, identify and exploit zero-day…
Tag: Cyber Security News
Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes
A high-severity vulnerability in Redis, the popular open-source in-memory data structure store, that could allow unauthenticated attackers to cause denial-of-service conditions by exhausting server memory. Tracked as CVE-2025-21605 with a CVSS score of 7.5, this vulnerability affects all Redis versions…
GitLab Security Update – Patch for XSS, DoS & Account Takeover Vulnerabilities
GitLab has released critical security patches addressing multiple high-severity vulnerabilities in its platform, highlighting robust security measures amid increasing cyber threats. The company has issued patch versions 17.11.1, 17.10.5, and 17.9.7 for both Community Edition (CE) and Enterprise Edition (EE).…
Blue Shield Leaked Health Info of 4.7M patients with Google Ads
Blue Shield of California has disclosed a significant data breach affecting 4.7 million members, representing the majority of its nearly 6 million customers. The health insurance provider revealed that protected health information (PHI) was inadvertently shared with Google’s advertising platforms…
SonicWall SSLVPN Vulnerability Let Remote Attackers Crash Firewall Appliances
SonicWall has disclosed a critical security vulnerability in its SSLVPN service that allows unauthenticated remote attackers to crash affected firewall appliances, potentially causing significant disruptions to enterprise networks. The vulnerability, tracked as CVE-2025-32818, received a high severity CVSS score of…
Threat Actors Using Weaponized SVG Files to Redirect Users to Malicious Websites
Phishing campaigns have evolved significantly in 2025, with threat actors increasingly leveraging unconventional file formats to bypass security solutions. A particularly concerning trend involves the weaponization of Scalable Vector Graphics (SVG) files, which are being embedded with malicious JavaScript code…
1000+ Unique IPs Attacking Ivanti Connect Secure Systems to Exploit Vulnerabilities
A significant increase in suspicious scanning activity targeting Ivanti Connect Secure (ICS) and Ivanti Pulse Secure (IPS) VPN systems, signaling a potential coordinated reconnaissance effort by threat actors. The spike, registering more than 230 unique IP addresses probing ICS/IPS endpoints…
Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities
Microsoft has launched an expanded bug bounty program offering rewards of up to $30,000 for researchers who identify critical vulnerabilities in AI systems within its Dynamics 365 and Power Platform products. The initiative, announced by Microsoft Security Response, aims to…
Building a Cyber-Aware Culture – CISO’s Step-by-Step Plan
A cyber-aware culture is the backbone of any resilient organization in today’s digital world. As cyber threats become more advanced and frequent, safeguarding sensitive data and systems can no longer rest solely with IT departments. Chief Information Security Officers (CISOs)…
Beyond Compliance – How VPs of Security Drive Strategic Cybersecurity Initiatives
In an era where cyber threats evolve faster than regulatory frameworks, Vice Presidents (VPs) of Security are redefining their roles from compliance enforcers to strategic business leaders. While adherence to standards like GDPR and HIPAA remains critical, forward-thinking security executives…