Misconfigured Apache Airflow Servers Exposes Login Credentials to Hackers
A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and...
Read more →Category: CyberSecurityNews
Sitecore 0-Day Vulnerability Let Attackers Execute Remote Code
A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems. ...
Read more →
SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension
With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many...
Read more →
Powershell Based Tool to Detect Active Directory Misconfigurations
Securing Active Directory (AD) is a critical priority for organizations. Misconfigurations in AD, such as excessive permissions, outdated protocols, or...
Read more →
Researchers Bypassed CrowdStrike Falcon Sensor to Execute Malicious Applications
Security researchers at SEC Consult have discovered a significant vulnerability in CrowdStrike’s Falcon Sensor that allowed attackers to bypass detection...
Read more →
Two Hackers Arrested For ATM Jackpotting by Deploying Malware
Federal prosecutors unsealed criminal complaints today against David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, members of the...
Read more →
Google Announces AI-Powered Scam Detector For Android Users
In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text...
Read more →
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks...
Read more →
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Elastic has issued an urgent security advisory for a critical vulnerability in Kibana, tracked as CVE-2025-25012, that allows authenticated attackers...
Read more →
LibreOffice Vulnerability Let Attackers Execute Arbitrary Script Using Macro URL
A critical security vulnerability in LibreOffice tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks...
Read more →
SecP0 Ransomware Group Threatens Organizations to Leak Vulnerability Details
A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom...
Read more →
Google Silently Tracks Android Device Even No Apps Opened by User
Google collects and stores significant amounts of user data on Android devices, even when users haven’t opened any Google apps....
Read more →