A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as…
A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data theft capabilities. Developed and sold…
Cybersecurity researchers have successfully developed and released a free decryption tool for the FunkSec ransomware, a malicious strain that leveraged artificial intelligence capabilities to enhance…
A Raspberry Pi device that was directly attached to an internal network switch was used by the financially motivated threat actor group UNC2891 to breach…
Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to…
A sophisticated new Linux variant of Gunra ransomware has emerged, marking a significant escalation in the threat group’s cross-platform capabilities since its initial discovery in…
Sonatype’s automated malware detection systems have exposed a large-scale and ongoing cyber infiltration campaign orchestrated by the North Korea-backed Lazarus Group, also known as Hidden…
Researchers released a decryptor for the FunkSec ransomware Pierluigi Paganini July 31, 2025 Researchers have released a decryptor for the ransomware FunkSec, allowing victims to…
Cybercriminals have once again demonstrated their evolving sophistication by weaponizing an obscure Toshiba laptop driver to bypass endpoint detection and response systems. The Qilin ransomware…
Dahua Camera flaws allow remote hacking. Update firmware now Pierluigi Paganini July 31, 2025 Critical flaws in Dahua cameras let hackers take control remotely. The…
A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” …
Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected…
