A significant security vulnerability (CVE-2025-34028) has been discovered in Commvault Command Center Innovation Release, enabling unauthenticated attackers to execute arbitrary code remotely. The vulnerability, which carries a high CVSS score of 9.0, affects explicitly version 11.38 of the Command Center…
Tag: Cyber Security News
WhatsApp’s New Advanced Chat Privacy Feature to Protect Sensitive Conversations
WhatsApp has announced the rollout of its new “Advanced Chat Privacy” feature, designed to give users greater control over the confidentiality of their conversations. Building on its foundation of end-to-end encryption, which ensures that only the sender and recipient can…
Ripple XPRL Official NPM Package Hijacked To Inject Private Key Stealing Malware
A significant supply chain attack targeting cryptocurrency users. The official XRPL (Ripple) NPM package, which serves as the JavaScript SDK for the XRP Ledger, was compromised with malicious code designed to steal cryptocurrency private keys, potentially affecting hundreds of thousands…
The Evolving Role of the CISO – Balancing Risk and Innovation in the Digital Age
The Evolving role of the Chief Information Security Officer (CISO) has transcended its roots in technical oversight to become a cornerstone of organizational strategy. As digital transformation accelerates, fueled by cloud computing, artificial intelligence, and IoT, CISOs grapple with a…
Building A Unified Security Strategy: Integrating Digital Forensics, XDR, And EDR For Maximum Protection
In the rapidly evolving world of cybersecurity, organizations are confronted with increasingly sophisticated threats that demand a coordinated and multi-layered defense approach. The days of relying on isolated security tools are long gone, as modern attack vectors now target various…
FireEye EDR Agent Vulnerability Let Attackers Inject Malicious Code
A significant vulnerability in the FireEye Endpoint Detection and Response (EDR) agent that could allow attackers to inject malicious code and render critical security protections ineffective. The vulnerability, tracked as CVE-2025-0618, was disclosed today and highlights the ongoing challenges in…
Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds
Significant vulnerabilities in popular browser-based cryptocurrency wallets enable attackers to steal funds without any user interaction or approval. These critical flaws, discovered in wallets including Stellar Freighter, Frontier Wallet, and Coin98, represent a significant shift in attack vectors against crypto…
Synology Network File System Vulnerability Let Read Any File
A severe security vulnerability in Synology’s DiskStation Manager (DSM) software has been identified. This vulnerability allows remote attackers to read arbitrary files through the Network File System (NFS) service without proper authorization. The vulnerability, tracked as CVE-2025-1021 and detailed in…
Hackers Weaponized Google Forms to Evade Email Security & Steal Logins
Google Forms, the tech giant’s widely used survey tool, has become a favored weapon in cybercriminals’ arsenal. It enables them to bypass sophisticated email security filters and harvest sensitive credentials. Security researchers have identified a surge in attacks that leverage…
How Script-based Malware Attacks Work: Modern Examples
Script-based malware is malicious software written in scripting languages like JavaScript, Python, PowerShell, or VBScript. Unlike traditional malware that relies on compiled executables, script-based malware leverages scripts that execute as human-readable code interpreted at runtime Scripts have become increasingly popular…