Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-010) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface. This flaw, which has been assigned a CVSS Base Score of 8.8, poses a significant…
Tag: Cyber Security News
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool
An Advanced Persistent Threat (APT) is a sophisticated and stealthy cyberattack designed to gain unauthorized, long-term access to a target’s network. These attacks are meticulously planned and executed by highly skilled threat actors, often state-sponsored groups or organized crime syndicates,…
ZeroLogon Ransomware Exploit Active Directory Vulnerability To Gain Domain Controller Access
A significant threat has emerged in the form of the ZeroLogon ransomware exploit. This exploit targets a critical vulnerability in Microsoft’s Active Directory, specifically affecting domain controllers. The vulnerability, known as CVE-2020-1472, allows attackers to gain unauthorized access to domain…
Researchers Hacked into Software Supply Chain and Earned $50K Bounty
Researchers found a significant software supply chain vulnerability, which resulted in an outstanding $50,500 bounty from a major corporation’s bug bounty program. The duo’s success highlights the growing importance of securing the software supply chain and the risks posed by…
New YouTube Bug Exploited to Leak Users’ Email Addresses
A critical vulnerability in YouTube’s infrastructure allowed attackers to expose the email addresses tied to anonymous channels by combining flaws in Google’s account management system and an outdated Pixel Recorder API. The exploit chain, discovered by security researchers Brutecat and…
zkLend Hacked – $8.5M Stolen, Company offers 10% whitehat Bounty to Attacker
zkLend, a prominent decentralized finance (DeFi) protocol built on Ethereum’s Layer-2 zk-rollup technology, has fallen victim to a major security breach resulting in the theft of approximately 3,300 ETH, valued at around $8.5 million at current market prices. Unexpectedly, zkLend…
Hackers Allegedly Claiming Breach OmniGPT, 30,000+ User Accounts Exposed
Hackers have allegedly breached OmniGPT, a ChatGPT-like AI chatbot platform, exposing sensitive data of over 30,000 users. The leaked data reportedly includes email addresses, phone numbers, API keys, and over 34 million user-chatbot interactions. A post on a hacking forum…
Mirai Botnet Exploting Router Vulnerabilities to Gain Complete Device Control
A new wave of cyberattacks has surfaced, with a Mirai-based botnet exploiting a number of significant vulnerabilities in routers and smart devices, primarily targeting industrial and home networks worldwide. The Shadowserver Foundation recently shared on X the botnet’s active exploitation…
Unpatched SonicWall Firewalls Vulnerability Actively Exploited To Hijack SSL VPN Sessions
A critical vulnerability in SonicWall firewalls, identified as CVE-2024-53704, has been actively exploited by attackers to hijack SSL VPN sessions. This vulnerability affects SonicOS versions 7.1.x (7.1.1-7058 and older), 7.1.2-7019, and 8.0.0-8035. The exploit allows a remote attacker to bypass…
Windows Driver Zero-Day Vulnerability Allow Attackers To Gain System Access Remotely
A critical zero-day vulnerability has been discovered in a Windows driver, allowing attackers to gain remote access to systems. This vulnerability, identified as CVE-2025-21418, was disclosed on February 11, 2025, and is classified as “Important” with a CVSS score of…