A critical vulnerability in Veeam Backup & Replication systems that allows authenticated domain users to execute remote code, potentially compromising enterprise backup infrastructures. The vulnerability, identified as CVE-2025-23120, carries a severe CVSS score of 9.9, indicating its high potential for…
Tag: Cyber Security News
Malware Operation ‘DollyWay’ Hacked 20,000+ WordPress Sites Globally
In recent years, the cybersecurity landscape has witnessed a significant rise in sophisticated malware operations. One such operation is “DollyWay,” a long-running campaign that has compromised over 20,000 WordPress sites globally. This operation is notable for its advanced techniques in…
Linux Kernel Out-of-bounds Write Vulnerability Let Attackers Escalate Privileges
A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems. Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems…
Kali Linux 2025.1a Released With New Tool & Updates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Kali Linux 2025.1a New Tool & Upates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT…
ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…
Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…
Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
A widespread phishing campaign is currently targeting GitHub repositories with fake security alerts, potentially compromising thousands of developer accounts. Cybersecurity experts warn that these sophisticated attacks could grant hackers complete control over victims’ code repositories and personal information. Security researcher…