New Variant of The XCSSET Malware Attacking macOS App Developers
The macOS threat landscape has witnessed a significant escalation with the discovery of a new variant of the XCSSET malware...
Read more →Category: CyberSecurityNews
GitLab High-Severity Vulnerabilities Let Attackers Crash Instances
GitLab has disclosed multiple high-severity Denial-of-Service (DoS) vulnerabilities that could allow unauthenticated attackers to crash self-managed GitLab instances. These flaws...
Read more →
Fortra GoAnywhere Vulnerability Exploited as 0-day Before Patch Released
A critical, perfect 10.0 CVSS score vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution was actively exploited as a...
Read more →
First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents
The first-ever malicious Model-Context-Prompt (MCP) server discovered in the wild, a trojanized npm package named postmark-mcp that has been secretly...
Read more →
Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise
Active Directory (AD) remains the foundation of authentication and authorization in Windows environments. Threat actors targeting the NTDS.dit database can harvest...
Read more →
CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild
CISA has issued an Emergency Directive mandating immediate action to mitigate two critical zero-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362, actively exploited against Cisco Adaptive Security...
Read more →
Chinese State-Sponsored Hackers Attacking Telecommunications Infrastructure to Harvest Sensitive Data
In late 2024, a new wave of cyber espionage emerged targeting global telecommunications infrastructure. Operating under the moniker Salt Typhoon,...
Read more →
New Malicious Rust Crates Impersonating fast_log to Steal Solana and Ethereum Wallet Keys
Cybercriminals have launched a sophisticated supply chain attack targeting cryptocurrency developers through malicious Rust crates designed to steal digital wallet...
Read more →
Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers
Cisco warns of a Critical remote code execution flaw in web services across multiple Cisco platforms. Tracked as CVE-2025-20363 (CWE-122),...
Read more →
Hackers Exploiting Cisco ASA Zero-Day to Deploy RayInitiator and LINE VIPER Malware
Cybersecurity authorities are urging organizations to take immediate action following the discovery of a sophisticated espionage campaign targeting Cisco Adaptive...
Read more →
Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
Cybercriminals are increasingly turning to artificial intelligence to enhance their attack capabilities, as demonstrated in a sophisticated phishing campaign recently...
Read more →
Cisco ASA 0-Day RCE Vulnerability Actively Exploited in the Wild
Cisco has issued an emergency security advisory warning of active exploitation of a critical zero-day vulnerability in its Secure Firewall...
Read more →