2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was included in…
Category: CyberSecurityNews
Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords
A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials. The vulnerability, tracked…
DeepSeek Generating Fully Working Keyloggers & Data Exfiltration Tools
Security researchers at Unit 42 have successfully prompted DeepSeek, a relatively new large language model (LLM), to generate detailed instructions for creating keyloggers, data exfiltration…
Siemens SINAMICS S200 Bootloader Vulnerability Let Attackers Compromise the Device
Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader. …
Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack
As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant. Microsoft Copilot,…
86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket
A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity…
CISA Warns of Apple WebKit Out-of-Bounds Write Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability,…
CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild
CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or…
Microsoft Windows Management Console (MMC) Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited vulnerability in Microsoft Windows Management Console (MMC), tracked as…
400+ IPs Actively Exploiting Multiple SSRF Vulnerabilities In The Wild
A coordinated surge in Server-Side Request Forgery (SSRF) exploitation has been detected across multiple widely used platforms, affecting organizations worldwide. Security monitoring reveals approximately 400…
Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account
A disturbing trend of sophisticated attacks recently detected by researchers specifically designed to evade multi-factor authentication (MFA) protections. These advanced techniques, which exploit vulnerabilities in…
Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities
Microsoft Office CVE-2025-24057 Microsoft Office Remote Code Execution Vulnerability Critical Remote Desktop Client CVE-2025-26645 Remote Desktop Client Remote Code Execution Vulnerability Critical Role: DNS Server…