Category: CyberSecurityNews

A critical HTTP request smuggling vulnerability in Akamai’s edge server infrastructure has been successfully fixed. The vulnerability, identified as CVE-2025-66373,…

A new information stealer called Sryxen has emerged in the underground malware market, targeting Windows systems with advanced techniques to…

A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These…

A critical security vulnerability has been discovered in Vim for Windows that could allow attackers to execute malicious code on…

Legitimate administrative tools are increasingly becoming the weapon of choice for sophisticated threat actors aiming to blend in with normal…

A critical remote code execution vulnerability in the Sneeit Framework WordPress plugin has come under active exploitation by threat actors,…

The Cybersecurity and Infrastructure Security Agency released five critical Industrial Control Systems advisories on December 2, 2025, addressing significant security…

A new security assessment tool has been released to help researchers and administrators identify React Server Components (RSC) endpoints potentially…

A sophisticated attack campaign known as Operation DupeHike has emerged as a significant threat to Russian corporate environments, specifically targeting…

A critical security flaw in React and Next.js could let remote attackers run malicious code on servers without logging in….

A fake Visual Studio Code extension has been used in a supply chain attack that targets developers through their editor….

The open-source software supply chain recently encountered a deceptive threat in the form of evm-units, a malicious Rust crate published…