Threat actors demonstrated a methodical approach in a recent cyberattack, taking 11 days from initial compromise to fully deploy LockBit ransomware across a victim’s network. The incident, detailed in a report by The DFIR Report, showcases the evolving tactics of…
Tag: Cyber Security News
GitLab Security Update – Patch for XSS Vulnerability in File Rendering
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing several vulnerabilities, including a high-severity cross-site scripting (XSS) flaw. The patched versions, 17.8.1, 17.7.3, and 17.6.4, are now available, and GitLab strongly recommends all…
GitHub Vulnerability Let Malicious Repos To Leaks Users Credentials
Critical security vulnerabilities in Git-related projects, including GitHub Desktop, Git Credential Manager, Git LFS, and GitHub Codespaces, were recently uncovered and involved improper handling of text-based protocols, allowing attackers to potentially leak user credentials. This discovery highlights significant risks in…
Critical Vulnerability in Meta’s Llama Framework Exposes AI Systems to Remote Attacks
A critical security flaw, CVE-2024-50050, has been discovered in Meta’s Llama Stack framework, a widely used open-source tool for building and deploying generative AI (GenAI) applications. The vulnerability, caused by unsafe deserialization of Python objects via the pickle module, allows…
UnitedHealth Ransomware Attack Exposes 190 Million Users’ Personal & Healthcare Data
The U.S. healthcare system, UnitedHealth Group, has confirmed that a February 2024 ransomware attack on its subsidiary, Change Healthcare, compromised the personal and healthcare data of approximately 190 million individuals. This figure, nearly double the initial estimate of 100 million,…
Top 10 Best Open Source Firewall in 2025
An open-source firewall is a network security solution designed to monitor and control traffic based on predefined rules. It provides transparency, flexibility, and cost-effectiveness by granting users access to its source code, enabling them to modify and customize it to…
Weekly Cybersecurity Update: Recent Cyber Attacks, Vulnerabilities, and Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we bring you the latest updates and key insights from the ever-evolving world of cybersecurity. In today’s fast-paced digital environment, staying informed is crucial, and our goal is to provide you with the…
CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability, CVE-2025-23006, affecting SonicWall’s Secure Mobile Access (SMA) 1000 series appliances. This vulnerability, actively exploited in the wild, poses a severe risk to organizations relying…
Kubernetes Cluster RCE Vulnerability Let Attacker Takeover All Windows Nodes
A critical vulnerability in Kubernetes, designated as CVE-2024-9042, has been discovered, enabling attackers to execute remote code with SYSTEM privileges on all Windows nodes within a Kubernetes cluster. This vulnerability, identified by Akamai security researcher Tomer Peled, specifically affects the…
IntelBroker Resigned as a BreachForums Owner
IntelBroker, a key figure within the dark web’s BreachForums, has announced his resignation as the platform’s owner. This decision marks a significant shift for the forum, a major hub for cybercriminal activity, and follows a period of instability marked by…