NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks
NCSC has issued an urgent warning regarding a critical zero-day flaw in Oracle E-Business Suite (EBS) that is currently being exploited in the wild. Tracked…
Category: CyberSecurityNews
How Windows Command-line Utility PsExec.exe Can Be Abused To Execute Malicious Code
PsExec represents one of the most contradictory tools in the cybersecurity landscape, a legitimate system administration utility that has become a cornerstone of malicious lateral…
Zabbix Agent and Agent 2 for Windows Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability has been discovered in Zabbix Agent and Agent 2 for Windows that allows attackers with local system access to escalate their…
Microsoft Teams Set to Introduce Highly Anticipated Multitasking Functionality
Microsoft is set to roll out a highly anticipated multitasking feature for its Teams platform, which will allow users to open channels in separate windows.…
Google Chrome RCE Vulnerability Details Released Along with Exploit Code
Researchers have published the full technical details and exploit code for a critical remote code execution (RCE) vulnerability in Google Chrome’s V8 JavaScript engine. Tracked…
QNAP NetBak Replicator Vulnerability Let Attackers Execute Unauthorized Code
QNAP has released a security advisory detailing a vulnerability in its NetBak Replicator utility that could allow local attackers to execute unauthorized code. The flaw,…
Redis Server Vulnerability use-after-free Vulnerability Enables Remote Code Execution
A critical use-after-free vulnerability, identified as CVE-2025-49844, has been discovered in Redis servers, enabling authenticated attackers to achieve remote code execution. This high-severity flaw affects…
Gemini CLI to Your Kali Linux Terminal To Automate Penetration Testing Tasks
With the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the Gemini Command-Line Interface (CLI).…
PoC Exploit Released for Sudo Vulnerability that Enables Attackers to Gain Root Access
A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo utility that can grant root…
Hackers Weaponize AWS X-Ray Service to Work as Covert Command & Control Server
A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and control (C2) communications, demonstrating how…
PoC Exploit Released for Remotely Exploitable Oracle E-Business Suite 0-Day Vulnerability
A critical zero-day vulnerability in Oracle E-Business Suite has emerged as a significant threat to enterprise environments, with proof-of-concept (PoC) exploit code now publicly available. …
Hackers Exploit Zimbra Vulnerability as 0-Day with Weaponized iCalendar Files
A zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) was actively exploited in targeted attacks earlier in 2025. The flaw, identified as CVE-2025-27915, is a…