Category: CyberSecurityNews

A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide….

A critical remote code execution vulnerability, tracked as CVE-2025-55182 and dubbed “React2Shell,” is now under active exploitation in the wild….

A unified offensive security toolkit, NETREAPER, developed by OFFTRACKMEDIA Studios, consolidates over 70 penetration testing tools into a single, user-friendly…

LockBit 5.0 key infrastructure exposed, revealing the IP address 205.185.116.233, and the domain karma0.xyz is hosting the ransomware group’s latest…

In an escalating campaign targeting remote access infrastructure, threat actors have initiated active exploitation attempts against Palo Alto Networks’ GlobalProtect…

A dangerous new Android banking malware named FvncBot was first observed on November 25, 2025. This malicious tool is designed to steal…

A critical vulnerability class dubbed “PromptPwnd,” affects AI agents integrated into GitHub Actions and GitLab CI/CD pipelines. This flaw allows…

A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web…

Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the…

Russian threat actors are running a new wave of phishing campaigns that spoof major European security events to quietly steal…

A persistent privilege escalation technique in AWS that allows attackers with limited permissions to execute code under higher-privileged execution roles…

Cloudflare’s global network suffered a brief but widespread disruption this morning, lasting approximately 25 minutes, due to an internal change…