Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. This massive exposure…
Month: March 2025
Sitecore 0-Day Vulnerability Let Attackers Execute Remote Code
A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems. The flaw, rooted in insecure…
Malware Infects Linux and macOS via Typosquatted Go Packages
Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the tactics used, including obfuscation and domain typosquatting,…
European cloud providers unite over data sovereignty-focused API
European cloud providers are being urged to adopt a newly created open source infrastructure management application programming interface (API) designed to make it easier for…
Microsoft 365 apps will prompt users to back up files in OneDrive
Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. These prompts will…
SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension
With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many organizations. SquareX’s research team discovers…
NHS Faces Cybersecurity Challenges Amid Windows 11 Upgrade Dilemma
The National Health Service (NHS) has long been plagued by cybersecurity controversies, with one of the most notable incidents being the 2017 WannaCry ransomware attack…
Powershell Based Tool to Detect Active Directory Misconfigurations
Securing Active Directory (AD) is a critical priority for organizations. Misconfigurations in AD, such as excessive permissions, outdated protocols, or unprotected service accounts, are common…
US Charges 12 in Chinese Hacker Network, Offers $10M Reward
In a major coordinated operation, several U.S. law enforcement agencies have charged 12 Chinese nationals with a series of cyber attacks affecting government bodies, religious…
The Best 100 Cybercrime Podcasts
MillionPodcasts, who calls itself the ultimate destination for podcast media contacts, recently released a list of the best 100 cybercrime podcasts. The Cybercrime Magazine Podcast, listed at…
Android botnet BadBox largely disrupted
Removing 24 malicious apps from the Google Play store and silencing some servers almost halved a botnet known as BadBox. The BadBox botnet focuses on…
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
Mar 06, 2025Ravie LakshmananThreat Intelligence / Vulnerability The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January…