CrushFTP Zero-Day Flaw CVE-2025-54309 Exploited Worldwide
A new zero-day vulnerability in CrushFTP file transfer servers is being actively exploited by cybercriminals, compromising systems around the world. Tracked as CVE-2025-54309, the CrushFTP…
Month: July 2025
How to Include WordPress Components in Your Custom Web Pages
Ever wanted to take a piece of WordPress > functionality and put it in a non-WordPress portion of your website? Like, for example, pulling your…
Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions
Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass…
The role of customer data platforms
A customer relationship management (CRM) system and a customer data platform (CDP) may initially appear to serve similar functions. However, while they certainly share some…
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
SharePoint zero-day CVE-2025-53770 actively exploited in the wild Pierluigi Paganini July 21, 2025 Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked…
How to Include WordPress Components in Your Custom Web Pages
Ever wanted to take a piece of WordPress > functionality and put it in a non-WordPress portion of your website? Like, for example, pulling your…
7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as…
Microsoft Released an Emergency Security Update to Patch a Critical SharePoint 0-Day Vulnerability
Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting. The vulnerabilities, assigned as CVE-2025-53770…
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being…
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Jul 21, 2025Ravie LakshmananThreat Intelligence / Authentication Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO)…
Zero-Day Vulnerability Exploited In Microsoft SharePoint
Microsoft has issued a warning about active cyberattacks targeting on-premises SharePoint servers widely used by government agencies and businesses. The cyberattacks exploit a zero-day vulnerability…
CoinDCX Cyberattack Leads To $44M Loss, User Funds Safe
Indian cryptocurrency exchange CoinDCX has confirmed a cyberattack that resulted in a loss of approximately $44 million. The CoinDCX cyberattack, which occurred on July 19,…