Category: CyberSecurityNews

Zero-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams
12
Jun
2025

Zero-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams

A critical zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak,” enables attackers to automatically exfiltrate sensitive organizational data without requiring…

ConnectWise to Rotate Code Signing Certificates for ScreenConnect, Automate and RMM
12
Jun
2025

ConnectWise to Rotate Code Signing Certificates for ScreenConnect, Automate and RMM

The urgency stems from requirements imposed by technology partners, which necessitated an accelerated timeline for implementation across all affected products….

20,000 Malicious IPs and Domains Linked to 69 Malware Variants Dismantled
12
Jun
2025

20,000 Malicious IPs and Domains Linked to 69 Malware Variants Dismantled

More than 20,000 malicious IP addresses and domains linked to information stealers have been taken down in an INTERPOL-coordinated operation…

Microsoft Office Vulnerabilities Let Attackers Execute Remote Code
11
Jun
2025

Microsoft Office Vulnerabilities Let Attackers Execute Remote Code

Multiple critical vulnerabilities in Microsoft Office could allow attackers to execute arbitrary code on affected systems.  The vulnerabilities, tracked as…

Windows Common Log File System Driver Vulnerability Let Attackers Escalate Privileges
11
Jun
2025

Windows Common Log File System Driver Vulnerability Let Attackers Escalate Privileges

A critical security vulnerability in the Windows Common Log File System Driver (CLFS) enables attackers to escalate their privileges to…

Linux Malware Authors Attacking Cloud Environments Using ELF Binaries
11
Jun
2025

Linux Malware Authors Attacking Cloud Environments Using ELF Binaries

A sophisticated wave of Linux malware campaigns is targeting cloud environments with increasing frequency and complexity, posing significant threats to…

FIN6 Hackers Mimic as Job Seekers to Target Recruiters with Weaponized Resumes
11
Jun
2025

FIN6 Hackers Mimic as Job Seekers to Target Recruiters with Weaponized Resumes

A sophisticated cybercrime campaign has emerged where threat actors are exploiting the trust inherent in professional recruitment processes, transforming routine…

Understanding OWASP Top 10 - Mitigating Web Application Vulnerabilities
11
Jun
2025

Understanding OWASP Top 10 – Mitigating Web Application Vulnerabilities

The OWASP Top 10 2021 represents the most critical web application security risks facing organizations today, with significant shifts reflecting…

How to Conduct a Secure Code Review
11
Jun
2025

How to Conduct a Secure Code Review

Secure code review represents a critical security practice that systematically examines software source code to identify and remediate security vulnerabilities…

Top 3 Evasion Techniques In Phishing Attacks: Real Examples Inside 
11
Jun
2025

Top 3 Evasion Techniques In Phishing Attacks: Real Examples Inside 

Phishing attacks aren’t what they used to be. Hackers no longer rely on crude misspellings or sketchy email addresses. Instead,…

Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges
11
Jun
2025

Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges

A significant security vulnerability in Windows Task Scheduler could allow attackers to escalate their privileges to SYSTEM level access without…

HPE Aruba Network Vulnerability Exposes Sensitive Information to Hackers
11
Jun
2025

HPE Aruba Network Vulnerability Exposes Sensitive Information to Hackers

A high-severity security vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Private 5G Core platform that could allow unauthorized actors…