Check Point Acknowledges Data Breach, Claims Information is ‘Old
Check Point Software Technologies has confirmed a data breach following claims by threat actor CoreInjection on March 30th, 2025, but insists the incident is an…
Category: CyberSecurityNews
CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following confirmation of active exploitation…
Microsoft Uncovers Several Vulnerabilities in GRUB2, U-Boot, Barebox Bootloaders Using Copilot
Microsoft has discovered multiple critical vulnerabilities affecting widely used bootloaders including GRUB2, U-Boot, and Barebox. These security flaws potentially expose systems to sophisticated boot-level attacks…
Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 that have been actively exploited in sophisticated attacks. These…
CrushFTP Vulnerability Exploited in Attacks Following PoC Release
Security researchers have confirmed active exploitation attempts targeting the critical authentication bypass vulnerability in CrushFTP (CVE-2025-2825) following the public release of proof-of-concept exploit code. Based…
Hackers Scanning From 24,000 IP’s to Gain Access to Palo Alto Networks
Researchers have detected an alarming surge in malicious scanning activity targeting Palo Alto Networks’ GlobalProtect VPN portals. Over a 30-day period, nearly 24,000 unique IP…
An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows
DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting…
ClickFake Interview – Lazarus Hackers Exploit Windows & macOS Users Fake Job Campaign
The Lazarus Group, a North Korean state-sponsored hacking collective, has launched a new campaign dubbed ClickFake Interview, targeting job seekers in the cryptocurrency industry. This…
Earth Alux Hackers Employ VARGIET Malware to Attack Organizations
The cybersecurity landscape has been disrupted by Earth Alux, a China-linked advanced persistent threat (APT) group actively conducting espionage operations since the second quarter of…
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms…
New Ubuntu Security Bypasses Allow Attackers to Exploit Kernel Vulnerabilities
Three critical bypasses in Ubuntu Linux’s unprivileged user namespace restrictions allow local attackers to escalate privileges and exploit kernel vulnerabilities. These bypasses affect Ubuntu 23.10…
Lazarus Group is No Longer Consider a Single APT Group, But Collection of Many Sub Groups
The cybersecurity landscape is witnessing a growing complexity in the attribution of Advanced Persistent Threat (APT) actors, particularly the North Korean-linked Lazarus group. Once considered…