How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare
Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational…
Category: CyberSecurityNews
VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access
Broadcom disclosed a critical vulnerability affecting its Avi Load Balancer product. The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could…
Akira’s New Linux Ransomware Attacking VMware ESXi Servers
The Akira ransomware group, a prominent player in the Ransomware-as-a-Service (RaaS) domain since March 2023, has intensified its operations with a new Linux variant targeting…
One Identity Manager Vulnerability Let Attackers Escalate Privileges
A critical Insecure Direct Object Reference (IDOR) vulnerability has been identified in One Identity Manager, a widely used identity and access management solution. This vulnerability,…
New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data
A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified…
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users. The update,…
CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities
U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories to address significant vulnerabilities in critical systems used across various industries.…
PayPal Hit With $2 Million Fine For Cybersecurity Failures
The New York State Department of Financial Services (NYDFS) has imposed a $2 million fine on PayPal, Inc. for violations of its stringent cybersecurity regulations.…
New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling to Evade Detection
New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate activity. This stealth tactic allows…
phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables
A moderate-severity Cross-Site Scripting (XSS) vulnerability has been identified in phpMyAdmin, a widely used open-source tool for managing MySQL databases. This flaw, tracked as CVE-2025-24530,…
Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level
Adversaries continue to innovate methods to bypass Endpoint Detection and Response (EDR) systems. An exceptionally sophisticated approach involves leveraging hardware breakpoints at the CPU level…
North Korean IT Workers Demands Ransomware By Stealing Companies Source Codes
North Korean IT workers masquerading as remote workers have been breaking into Western companies, stealing confidential source codes, and requesting ransoms to prevent their release.…