Tag: Cyber Security News

A Russian exploit brokerage firm, Operation Zero, has publicly announced bounties of up to $4 million for zero-day vulnerabilities in Telegram, signaling heightened state-sponsored interest in compromising the popular messaging app. The company, which exclusively serves the Russian government and…

Read more →

A growing attack trend since the second half of 2024 involves threat actors using fake CAPTCHA challenges to trick users into executing malicious PowerShell commands and infecting their systems with dangerous malware. These sophisticated social engineering tactics leverage users’ familiarity…

Read more →

Cybersecurity experts have identified a sophisticated new backdoor tool developed by the notorious financial cybercrime group FIN7. The Python-based malware, dubbed “Anubis Backdoor,” represents an evolution in the group’s tactics, techniques, and procedures (TTPs) that have historically caused billions in…

Read more →

A series of critical vulnerabilities discovered in JumpServer, an open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has raised significant security concerns. JumpServer serves as a bastion host to internal networks, offering a centralized point for accessing internal resources…

Read more →

Recent revelations about a critical vulnerability affecting macOS systems have raised significant concerns among cybersecurity professionals and users alike. The flaw, which potentially exposes sensitive system passwords, has been thoroughly analyzed and documented in a newly released report. This vulnerability…

Read more →

A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges.  The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds, demonstrating how blacklist-based…

Read more →

Over 150 government database servers normally hidden behind layers of security are now directly exposed to the Internet, leaving Americans’ data vulnerable to cyberattacks.  A groundbreaking open-source investigation has revealed what experts describe as “one of history’s largest exposures of…

Read more →

A dangerous new phishing campaign targeting businesses that use Meta platforms for advertising has been discovered. The scam begins with users receiving an urgent email claiming “YOUR ADS ARE TEMPORARILY SUSPENDED” due to alleged violations of Instagram’s Advertising Policies and…

Read more →

Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers.  The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…

Read more →

A new cross-platform threat has emerged in the ransomware landscape as researchers uncover new versions of Albabat ransomware targeting Windows, Linux, and macOS systems simultaneously. The ransomware operators have implemented a sophisticated approach to manage their operations through GitHub repositories,…

Read more →

A sophisticated threat actor tracked as UAT-5918 has been observed actively exploiting known vulnerabilities in web and application servers that remain unpatched across multiple organizations. The campaign, which began in early 2025, primarily targets infrastructures running outdated versions of Apache,…

Read more →

Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers.  The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…

Read more →

Cloudflare announced today that it has closed all HTTP ports on api.cloudflare.com, taking a significant step toward eliminating the security risks associated with cleartext HTTP traffic.  The change, effective immediately, prevents sensitive information such as API tokens from being transmitted…

Read more →

Swiss telecommunications solutions provider Ascom has fallen victim to a cyberattack by the notorious Hellcat ransomware group, which compromised the company’s technical ticketing system on March 16, 2025.  The attack represents the latest in a global hacking spree targeting Jira…

Read more →

Indian technology giant Infosys Limited has agreed to pay $17.5 million to settle six class action lawsuits from a significant data breach at its U.S. subsidiary, Infosys McCamish Systems LLC (McCamish).  The settlement, announced on March 14, 2025, resolves allegations…

Read more →

MEDUSA ransomware operation has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems. This dangerous capability allows the ransomware to operate undetected, significantly increasing the threat to organizations’ security infrastructure. The ABYSSWORKER…

Read more →

A sophisticated attack where threat actors exploited vulnerabilities in vsdatant.sys, a kernel-level driver used by Checkpoint’s ZoneAlarm antivirus software.  Originally released in 2016, this driver became the target of a Bring Your Own Vulnerable Driver (BYOVD) attack, allowing attackers to…

Read more →

Recent cybersecurity investigations have uncovered a sophisticated threat actor dubbed “FishMonger” operating under the umbrella of I-SOON, a Chinese company with alleged ties to state-sponsored hacking operations. This Advanced Persistent Threat (APT) group has been systematically targeting government institutions and…

Read more →

A sophisticated malware campaign is currently targeting cryptocurrency enthusiasts on Reddit, offering fake “cracked” versions of the popular trading platform TradingView. The malicious actors are distributing two dangerous data stealers—AMOS for macOS users and Lumma Stealer for Windows users—through seemingly…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released five Industrial Control Systems (ICS) advisories on March 20, 2025, providing critical information about security vulnerabilities affecting industrial control systems across multiple vendors.  These advisories offer essential guidance on mitigations for vulnerabilities…

Read more →

Caido, the innovative security testing tool positioning itself as a compelling alternative to Burp Suite, has just rolled out its latest update, version 0.47.0. This release introduces a slew of exciting features, a revamped user experience, and critical bug fixes,…

Read more →

Tech giant Apple is once again in the legal spotlight as a class-action lawsuit filed in U.S. District Court in San Jose accuses the company of false advertising and unfair competition related to its highly touted Apple Intelligence features. The…

Read more →

Critical security vulnerabilities in IBM AIX operating systems could allow unauthorized remote attackers to execute arbitrary commands, potentially compromising the entire system.  IBM has released security patches to address these high-severity flaws affecting multiple Unix-based operating system versions. Security researchers have…

Read more →

Researchers have detected active exploitation attempts targeting two critical vulnerabilities in Cisco’s Smart Licensing Utility that were patched approximately six months ago.  Threat actors leverage these flaws, which could potentially grant unauthorized access to sensitive licensing data and administrative functions.…

Read more →

A recent study has revealed that rooted devices are over 3.5 times more likely to be targeted by mobile malware, underscoring the risks they bring to organizations. Rooting and jailbreaking, once popular methods for customizing mobile devices, are now primarily…

Read more →

While data is king, context is his queen — together, they reign over domains that thrive on research, analysis, discovery, and exploration. Nowhere is this more evident than in cyber threat intelligence, where raw data alone is powerless without context…

Read more →

Microsoft experienced a widespread outage on March 19, 2025, affecting Outlook on the web services. The tech giant has attributed the issue to a problematic code change in a recent update, which left thousands of users unable to access their…

Read more →

A RansomHub affiliate has been observed recently deploying a new custom backdoor named ‘Betruger’. This sophisticated malware, discovered on March 20, 2025, by the Symantec Threat Hunter team, represents a concerning evolution in ransomware attack methodologies. The Betruger backdoor is…

Read more →

A sophisticated malware campaign employing steganographic techniques has recently been identified, targeting users through seemingly innocent JPEG image files. The attack leverages hidden malicious code embedded within image files that, when executed, initiates a complex chain of events designed to…

Read more →

Recent cybersecurity data reveals an alarming 130% surge in zero-hour phishing attacks targeting previously unknown browser vulnerabilities. These sophisticated attacks leverage unpatched security flaws in popular browsers to deploy malicious payloads before security teams can implement countermeasures, leaving users and…

Read more →

Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. Following the investigation, WhatsApp notified approximately 90 potential victims and confirmed…

Read more →

The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the…

Read more →

Dell Technologies has issued a critical security advisory warning customers about multiple vulnerabilities in its Secure Connect Gateway (SCG) product that could potentially lead to system compromise.  The vulnerabilities affect versions prior to 5.28.00.14 and require immediate attention from system…

Read more →

A sophisticated network of suspected North Korean IT workers has been discovered leveraging GitHub to create false identities and secure remote employment opportunities in Japan and the United States. These operatives pose as Vietnamese, Japanese, and Singaporean professionals, primarily targeting…

Read more →

With less than a month until the federal income tax return deadline on April 15, cybercriminals are intensifying their efforts to exploit taxpayers rushing to file their returns. Security experts warn that this time-sensitive period creates an ideal environment for…

Read more →

CISA has issued an urgent warning regarding a critical vulnerability in NAKIVO Backup and Replication solutions. As reports of active exploitation emerge, organizations are urged to patch immediately.  The vulnerability, tracked as CVE-2024-48248, allows unauthenticated attackers to read arbitrary files…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical vulnerability in Edimax IC-7100 IP cameras that is actively being exploited by multiple botnets.  The vulnerability, tracked as CVE-2025-1316, allows attackers to send specially crafted…

Read more →

A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation methods that have alarmed cybersecurity experts. The Dragon RaaS operation has been…

Read more →

A sophisticated cyber espionage campaign targeting employees of defense industrial complex enterprises and representatives of the Defense Forces of Ukraine has been uncovered. The attackers are using the popular Signal messenger app to distribute malicious archives that purportedly contain meeting…

Read more →

Security researchers have identified a sophisticated Chinese APT group known as Salt Typhoon that has been actively exploiting Microsoft Exchange’s ProxyLogon vulnerabilities to compromise organizations worldwide. The group, also tracked as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been operational…

Read more →

A massive data breach at consumer-grade spyware operation SpyX has compromised the personal information of nearly 2 million individuals, including thousands of Apple users with exposed iCloud credentials.  The breach, which occurred in June 2024 but remained unreported until March…

Read more →

A critical vulnerability in Veeam Backup & Replication systems that allows authenticated domain users to execute remote code, potentially compromising enterprise backup infrastructures.  The vulnerability, identified as CVE-2025-23120, carries a severe CVSS score of 9.9, indicating its high potential for…

Read more →

In recent years, the cybersecurity landscape has witnessed a significant rise in sophisticated malware operations. One such operation is “DollyWay,” a long-running campaign that has compromised over 20,000 WordPress sites globally. This operation is notable for its advanced techniques in…

Read more →

A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems.  Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems…

Read more →

 Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…

Read more →

 Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…

Read more →

A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT…

Read more →

ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…

Read more →

Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…

Read more →

Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…

Read more →

A widespread phishing campaign is currently targeting GitHub repositories with fake security alerts, potentially compromising thousands of developer accounts.  Cybersecurity experts warn that these sophisticated attacks could grant hackers complete control over victims’ code repositories and personal information. Security researcher…

Read more →

A sophisticated attack vector dubbed “MalDoc in PDF” allows threat actors to bypass traditional security scanning by embedding malicious Word documents into PDF files.  This technique, observed in attacks dating back to July, enables macros to execute when victims open…

Read more →

Password reuse continues to be one of the most significant security vulnerabilities in 2025, with alarming new data showing nearly half of all successful website logins involve previously exposed credentials. This widespread practice of recycling passwords across multiple services creates…

Read more →

California Cryobank LLC, one of America’s largest sperm donor repositories, has confirmed a significant data breach that exposed sensitive customer information.  The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory…

Read more →

In what security experts are calling one of the largest credential theft campaigns in history, sophisticated threat actors have successfully exfiltrated over 3.2 billion login credentials and compromised approximately 23 million devices across six continents. The massive operation, identified in…

Read more →

A sophisticated new malware strain called “Arcane” that specifically targets network utilities, VPN clients, and file transfer applications. The malware, discovered in late 2024, is being distributed through seemingly innocent YouTube videos that promote game cheats and cracks, putting thousands…

Read more →

A new report indicates that individuals lacking technical knowledge can create advanced malware using widely recognized AI systems, thereby turning ordinary people into significant cybersecurity threats. The 2025 Cato CTRL™ Threat Report, published on March 18, details how a threat…

Read more →

Cloudflare has unveiled its new threat events platform for Cloudforce One customers, offering a comprehensive solution to one of the most significant challenges in cybersecurity today: contextualizing threat intelligence data.  The platform provides security practitioners with actionable insights by analyzing indicators…

Read more →

Recent security findings reveal that threat actors are actively exploiting misconfigured Azure application proxies to gain unauthorized access to organizations’ internal resources.  When Azure app proxy pre-authentication is set to “Passthrough” instead of the default “Microsoft Entra ID” setting, private…

Read more →

Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as CVE-2024-4577, has been actively exploited since June 2024,…

Read more →

The China-aligned advanced persistent threat (APT) group MirrorFace has updated its tactics, techniques, and procedures (TTPs) with a sophisticated approach to deploying malware. Known primarily for targeting Japanese entities, the group has expanded its operations to include a Central European…

Read more →

Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows malicious code execution through Chrome’s trusted subprocesses, creating a significant…

Read more →

Cybersecurity experts have uncovered a sophisticated campaign targeting enterprise web applications through the abuse of legitimate penetration testing tools. Threat actors are increasingly leveraging professional security tools including Cobalt Strike, SQLMap, and other reconnaissance utilities to compromise corporate networks with…

Read more →

Cybercriminals have launched a new sophisticated attack campaign targeting travelers through fake booking websites. The campaign, discovered in early 2025, tricks users into installing LummaStealer malware through deceptive CAPTCHA verification processes, putting personal and financial information at risk. The attack…

Read more →

VPN infrastructure has become a prime target for cybercriminals and state-sponsored actors, with vulnerabilities in these systems serving as gateways to widespread organizational compromise. Even years after their disclosure, critical VPN vulnerabilities continue to enable threat actors to steal credentials…

Read more →

A sophisticated phishing campaign is targeting cryptocurrency investors with fraudulent emails claiming a mandatory Coinbase wallet migration requirement. These deceptive messages, bearing the subject line “Migrate to Coinbase wallet,” are being distributed at a large scale, potentially bypassing spam filters…

Read more →

Threat actors are allegedly offering root access to Canon Inc.’s internal firewall systems on underground hacking forums.  According to security monitoring firm ThreatMon, the advertisement appeared on a popular dark web marketplace, claiming to provide administrator-level access to the Japanese…

Read more →

A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071, enables attackers to steal NTLM hashed passwords without any user interaction beyond simply extracting a compressed file.  Security researchers have released a proof-of-concept exploit demonstrating this high-severity flaw, which Microsoft…

Read more →

A severe vulnerability in Synology’s DiskStation Manager (DSM) allows remote attackers to execute arbitrary code with no user interaction.  The flaw, disclosed during PWN2OWN 2024, received a Critical severity rating with a CVSS score of 9.8, indicating its potential for…

Read more →

A sophisticated phishing campaign is leveraging virtual hard disk (.vhd) files to distribute the dangerous VenomRAT malware. The attack begins with purchase order-themed emails containing archive attachments that, when extracted, reveal hard disk image files designed to evade traditional security…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert highlighting a significant vulnerability in Fortinet’s FortiOS and FortiProxy systems, which threat actors are actively exploiting. The authentication bypass vulnerability, tracked as CVE-2025-24472, has been added to…

Read more →

A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373, allows attackers to execute hidden malicious commands on victims’ machines by leveraging specially crafted Windows…

Read more →

ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone significant developments, incorporating more advanced deception techniques to deliver malware…

Read more →

A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls by exploiting the way legitimate applications search for and load…

Read more →

Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers intervened and manipulated the transaction, ultimately siphoning over 400,000 ETH…

Read more →

A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The attackers send phishing emails disguised as job opportunities from legitimate industrial organizations, attaching malicious files…

Read more →

Cloudflare has announced the first phase of end-to-end quantum readiness for its Zero Trust platform, enabling organizations to protect their corporate network traffic against future quantum computer threats.  The initiative, which builds on Cloudflare’s research into post-quantum cryptography since 2017,…

Read more →

A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email spoofing, this attack leverages Microsoft’s…

Read more →

Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. These apps, which have accumulated over 60 million downloads, exploit vulnerabilities in Android 13 to bypass security restrictions and carry…

Read more →

Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware has been observed in targeted attacks against financial institutions, government…

Read more →

A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to trick users into installing what appears to be a productivity…

Read more →

Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become a significant threat despite its medium severity classification.  According to research by cybersecurity firm Veriti, this vulnerability has already been…

Read more →

Google’s parent company, Alphabet Inc., is reportedly in advanced negotiations to acquire cybersecurity startup Wiz for approximately $30 billion.  If completed, this acquisition would become the tech giant’s largest deal in its history, far surpassing its previous record of $12.5…

Read more →

At long last, the first release of GIMP 3.0 is here! This is the end result of seven years of rigorous development by volunteer developers, designers, artists, and community members (for reference, GIMP 2.10 was first published in 2018). With…

Read more →

A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user sessions in mere seconds. This method exploits web browser functionalities to hijack authenticated sessions, posing a significant threat to organizations…

Read more →

Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability in the Linux kernel that has remained undetected for seven years.  The vulnerability, which affects the TCP subsystem, could potentially allow attackers to execute remote…

Read more →

The Danish Agency for Social Security (CFCS) has issued an updated threat assessment warning of severe cyber threats targeting the nation’s telecommunications sector, signaling a heightened alert level for state-sponsored espionage.  The report, which supersedes the 2022 version, underscores an…

Read more →

Cobalt Strike has released version 4.11 with significant improvements to its evasion capabilities, making the popular red team tool more resilient against modern security solutions.  The update introduces a novel Sleepmask, new process injection techniques, enhanced obfuscation options, and stealthier…

Read more →

Cryptocurrency exchange OKX has temporarily suspended its decentralized exchange (DEX) aggregator service following allegations that North Korea’s state-sponsored Lazarus Group exploited it to launder funds stolen from the recent Bybit hack.  The suspension, announced on March 17, 2025, coincides with…

Read more →

Google has officially launched OSV-Scanner V2.0.0, a major upgrade to its open-source vulnerability scanning tool.  Released on March 17, 2025, this new version represents a significant evolution in helping developers identify and fix security vulnerabilities in their software dependencies. The…

Read more →

Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers to take control of servers with a simple PUT request,…

Read more →

In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are calling one of the largest supply chain attacks to date. The attackers exploited vulnerabilities in the software development pipeline to…

Read more →

Pavel Durov, founder and CEO of Telegram, announced his return to Dubai on Monday following months of judicial supervision in France as investigations into alleged criminal activities on his messaging platform continue. Durov expressed relief at being back home and…

Read more →

Researchers discovered critical vulnerabilities in Kentico’s Xperience CMS that could allow attackers to completely compromise affected systems.  The vulnerabilities, identified as WT-2025-0006, WT-2025-0007, and WT-2025-0011, can be chained together to achieve unauthenticated remote code execution on systems with common configurations.…

Read more →

The FBI has issued an urgent warning about the rising threat of malicious file conversion tools that are being used to spread malware across the United States. Cybercriminals are targeting users searching for free utilities to convert documents from one…

Read more →

A newly discovered cryptojacking malware dubbed “MassJacker” is targeting users who download pirated software, replacing cryptocurrency wallet addresses to redirect funds to attackers. The malware acts as a clipboard hijacker, monitoring when users copy crypto wallet addresses and silently replacing…

Read more →

The old adage “Prevention is better than cure” has taken a new, more urgent meaning in the cybersecurity community. With 600 million cyber attacks per day, several companies have started investing heavily in proactive cybersecurity measures that encompass risk-based vulnerability…

Read more →

A high-severity authentication vulnerability in ManageEngine Analytics Plus on-premise installations has been identified, potentially allowing malicious actors to gain unauthorized access to Active Directory (AD) authenticated user accounts.  The vulnerability, tracked as CVE-2025-1724, affects all Windows builds prior to 6130…

Read more →

In a significant development for digital forensics investigators, new research has revealed comprehensive methods to decrypt Zoom Team Chat databases, potentially exposing sensitive user communications and activities.  As organizations worldwide continue to rely on Zoom for remote collaboration, these findings…

Read more →

Cybersecurity researchers have disclosed a critical remote code execution vulnerability (CVE-2025-24016) affecting Wazuh, a widely-used open-source security information and event management (SIEM) platform.  The vulnerability, which carries a severe CVSS score of 9.9, impacts versions 4.4.0 through 4.9.0 and allows…

Read more →