Sitecore CMS exploit chain starts with hardcoded ‘b’ password
A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. Sitecore is…
Month: June 2025
The Quantum Supply Chain Risk: How Quantum Computing Will Disrupt Global Commerce
The Global Supply Chain Is Already on Fire — We Just Don’t See the Smoke. The global supply chain is not a just a system…
Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware
A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized…
Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware
Jun 17, 2025Ravie LakshmananMalware / Email Security Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such…
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini June 17, 2025 U.S. Cybersecurity and Infrastructure Security…
Integrating Mermaid.js in Zola | HAHWUL
Applying and optimizing Mermaid.js in Zola, a Rust-based static site generator Mermaid.js is a powerful library that lets you create various diagrams using Markdown-like syntax.…
Microsoft fixes Surface Hub boot issues with emergency update
Microsoft has released an emergency update to fix a known issue causing startup failures for some Surface Hub v1 devices running Windows 10. As the…
BeyondTrust Tools RCE Vulnerability Let Attackers Execute Arbitrary Code
A high-severity remote code execution vulnerability has been identified in BeyondTrust’s Remote Support and Privileged Remote Access platforms, potentially allowing attackers to execute arbitrary code…
Critical Vulnerabilities in Sitecore Could Lead to Widespread Enterprise Attacks
A series of newly disclosed critical vulnerabilities in the Sitecore Experience Platform (XP) have raised alarm across the enterprise technology sector, with security researchers warning…
Free AI coding security rules now available on GitHub
Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they…
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Jun 17, 2025Ravie LakshmananVulnerability / Enterprise Software Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained…
New Sorillus RAT Actively Attacking European Organizations Via Tunneling Services
European organizations are facing a sophisticated cyber threat as the Sorillus Remote Access Trojan (RAT) emerges as a prominent weapon in a multi-language phishing campaign…