CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks
CISA has issued an urgent warning regarding two critical vulnerabilities in TeleMessage TM SGNL that threat actors are currently exploiting in active attack campaigns. The…
Category: CyberSecurityNews
Chinese Houken Hackers Exploiting Ivanti CSA Zero-Days to Deploy Linux Rootkits
A sophisticated Chinese threat group identified as Houken has been exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices to deploy advanced Linux…
Qantas Airlines Hit by Cyberattack, Customer Data Compromised
Australia’s flagship carrier, Qantas Airways, has disclosed a significant cybersecurity breach affecting up to 6 million customers, with cybercriminals gaining unauthorized access to a third-party…
YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack
A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats. The…
Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover
A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator WordPress plugin, affecting over 600,000 active installations worldwide. The vulnerability, assigned CVE-2025-6463…
Critical Vulnerability in Anthropic MCP Inspector Let Attackers Execute Arbitrary Code
A critical Remote Code Execution (RCE) vulnerability in Anthropic’s MCP Inspector tool, designated as CVE-2025-49596, has a severe CVSS score of 9.4. This vulnerability represents…
5 Asian Cities Where Cybersecurity Maturity Meets Innovation
Asia is not only a hub of economic and technological growth—it’s also a frontline battlefield for cybersecurity evolution. Across the continent, major cities are combining…
TA829 Hackers Employs New TTPs and Upgraded RomCom Backdoor to Evade Detections
The cybersecurity landscape faces a renewed threat as TA829, a sophisticated threat actor group, has emerged with enhanced tactics, techniques, and procedures (TTPs) alongside an…
Nessus Windows Vulnerabilities Allow Overwrite of Arbitrary Local System Files
A newly disclosed security advisory from Tenable reveals serious vulnerabilities in the Nessus vulnerability scanner that could enable attackers to compromise Windows systems through privilege…
FileFix Attack Exploits Windows Browser Features to Bypass Mark-of-the-Web Protection
A sophisticated new variation of cyberattacks emerged in July 2025, exploiting a critical vulnerability in how Chrome and Microsoft Edge handle webpage saving functionality. The…
Kimsuky Hackers Using ClickFix Technique to Execute Malicious Scripts on Victim Machines
The notorious North Korean threat group Kimsuky has adopted a sophisticated social engineering tactic known as “ClickFix” to deceive users into executing malicious scripts on…
New C4 Bomb Attack Bypasses Chrome’s AppBound Cookie Encryption
A critical vulnerability that allows low-privileged attackers to decrypt Chrome’s AppBound Cookie Encryption, a security feature Google introduced in July 2024 to protect user cookies…