Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released
A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit…
Category: CyberSecurityNews
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub
A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals. This repository, hosted by the user, provides a Python-based script capable of extracting…
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS…
New Active Directory Pentesting Tool For KeyCredentialLink Management
RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool…
Threat Actors Using $10 Infostealer Malware To Breach Critical US Security
A new class of cyber threats leveraging $10 infostealer malware kits has compromised critical U.S. military, defense contractor, and federal agency systems, exposing vulnerabilities in…
Russian Hackers Attacking Signal Messenger Users To Gain Access To Sensitive Data
Google Threat Intelligence Group (GTIG) reveal an escalating campaign by multiple Russia-aligned threat actors targeting Signal Messenger users through sophisticated exploitation of the app’s “linked…
New IRS and Tax-Themed Cyber Attacks Fueled With New Domain Registrations
As the 2025 U.S. tax season reaches its peak, cybersecurity analysts report a dramatic escalation in phishing campaigns exploiting IRS and federal tax themes. Between…
90,000 WordPress Sites Vulnerable to Local File Inclusion Attacks
A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks. …
Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities
Mozilla has released Firefox 135.0.1, a stability and security update addressing a high-severity memory safety vulnerability (CVE-2025-1414) that exposed users to potential remote code execution…
Yahoo Data Leak – Hackers Allegedly Advertised 602,000 Email Accounts
A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum. The post claims the…
GPT-4o Copilot Trained in Over 30 Popular Programming Languages
Microsoft has unveiled GPT-4o Copilot, a cutting-edge code completion model now available for Visual Studio Code (VS Code) users. Built on the GPT-4o mini architecture…
Russian Government Proposed New Penalties to Combat Cybercrime
The Russian government announced a comprehensive legislative package on February 10, 2025, introducing severe penalties for cybercrimes. The reforms, which amend over 30 existing laws,…