Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. Keeping updated is…
Category: CyberSecurityNews
Microsoft Strengthens Outlook’s Email Ecosystem to Protect Inboxes
Microsoft Outlook will enforce stricter authentication requirements for high-volume senders, impacting domains that send over 5,000 emails daily. These changes, which will take effect on…
“Clipboard Hijacking” A Fake CAPTCHA Steal Clipboard Data Via Hacked Sites
A sophisticated new cyberattack chain dubbed “KongTuke” has been uncovered by cybersecurity researchers, targeting unsuspecting internet users through compromised legitimate websites. Detailed in a report…
Beware of Weaponized Recruitment Emails that Deliver BeaverTail and Tropidoor Malware
Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors impersonate recruitment professionals to distribute dangerous malware payloads. On November 29, 2024, threat actors…
Ivanti Connect Secure Vulnerability (CVE-2025-22457) Actively Exploited in the Wild
Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited…
Microsoft Celebrates 50th Anniversary!
Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The…
CISA Adds Actively Exploits Ivanti Connect Secure Vulnerability in Known Exploited Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its…
Sec-Gemini v1 – Google Released a New AI Model for Cybersecurity
Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and…
“IngressNightmare” Critical RCE Vulnerabilities in Kubernetes NGINX Clusters Let Attackers Gain Full Control
A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration,…
Chinese Hackers Actively Exploiting Ivanti VPN Vulnerability to Deploy Malware
Security researchers have identified a critical vulnerability in Ivanti Connect Secure (ICS) VPN appliances that is being actively exploited by suspected Chinese threat actors. The…
OpenVPN Vulnerability Let Attackers Crash Servers & Execute Remote Code
A critical security vulnerability in OpenVPN has been discovered that could allow attackers to crash servers, potentially disrupting secure communications for thousands of users worldwide. …
Apache Traffic Server Vulnerability Let Attackers Smuggle Requests
A critical security vulnerability in Apache Traffic Server (ATS) has been discovered. By exploiting how the server processes chunked messages, attackers can perform request smuggling…