Endpoint Detection and Response (EDR) solutions have become crucial for organizations to protect their devices and data from cyber threats. As of 2025, several top EDR solutions stand out in the market. CrowdStrike Falcon Insight XDR is widely recognized for…
Tag: Cyber Security News
Hacker Claims Sale of 6 Million Records Stolen from Oracle Cloud Servers
A threat actor named “rose87168” claimed to have stolen six million records from Oracle Cloud servers. The stolen data reportedly includes Java Key Store (JKS) files, encrypted Single Sign-On (SSO) passwords, hashed Lightweight Directory Access Protocol (LDAP) passwords, key files,…
VMware Vulnerabilities Exploited Actively to Bypass Security Controls & Deploy Ransomware
A surge of ransomware attacks leveraging critical VMware virtualization vulnerabilities has triggered global alerts. Threat actors exploit flaws in ESXi, Workstation, and Fusion products to paralyze enterprise infrastructures. The vulnerabilities CVE-2025-22224 (CVSS 9.3), CVE-2025-22225 (CVSS 8.2), and CVE-2025-22226 (CVSS 7.1)…
Russian 0-Day Seller Offering Record Breaking $4,000,000 for Full Chain Telegram Exploits
A Russian exploit brokerage firm, Operation Zero, has publicly announced bounties of up to $4 million for zero-day vulnerabilities in Telegram, signaling heightened state-sponsored interest in compromising the popular messaging app. The company, which exclusively serves the Russian government and…
Attackers Using Weaponized CAPTCHA’s to Execute PowerShell Commands & Install Malware
A growing attack trend since the second half of 2024 involves threat actors using fake CAPTCHA challenges to trick users into executing malicious PowerShell commands and infecting their systems with dangerous malware. These sophisticated social engineering tactics leverage users’ familiarity…
Researchers Unboxed FIN7’s Stealthy Python-based Anubis Backdoor
Cybersecurity experts have identified a sophisticated new backdoor tool developed by the notorious financial cybercrime group FIN7. The Python-based malware, dubbed “Anubis Backdoor,” represents an evolution in the group’s tactics, techniques, and procedures (TTPs) that have historically caused billions in…
JumpServer Vulnerabilities Let Attacker Bypass Authentication & Gain Complete Control
A series of critical vulnerabilities discovered in JumpServer, an open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has raised significant security concerns. JumpServer serves as a bastion host to internal networks, offering a centralized point for accessing internal resources…
Researchers Details macOS Vulnerability That Exposes System Passwords
Recent revelations about a critical vulnerability affecting macOS systems have raised significant concerns among cybersecurity professionals and users alike. The flaw, which potentially exposes sensitive system passwords, has been thoroughly analyzed and documented in a newly released report. This vulnerability…
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers
A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds, demonstrating how blacklist-based…
Over 150 US Government Database Servers Exposed to the Internet – New Report
Over 150 government database servers normally hidden behind layers of security are now directly exposed to the Internet, leaving Americans’ data vulnerable to cyberattacks. A groundbreaking open-source investigation has revealed what experts describe as “one of history’s largest exposures of…