Microsoft IIS Web Deploy Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in the Microsoft Web Deploy tool could allow authenticated attackers to execute remote code on affected systems. ...
Read more →Category: CyberSecurityNews
New Gmail Phishing Attack With Weaponized Login Flow Steals Login Credentials
A sophisticated new phishing campaign targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass...
Read more →
Multiple ImageMagick Vulnerabilities Cause Memory Corruption and Integer Overflows
Security researchers have uncovered four serious vulnerabilities in ImageMagick, one of the world’s most widely used open-source image processing software...
Read more →
Hackers Mimic IT Teams to Exploit Microsoft Teams Request to Gain System Remote Access
A sophisticated social engineering campaign by the EncryptHub threat group that combines impersonation tactics with technical exploitation to compromise corporate...
Read more →
Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256)
Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet...
Read more →
Palo Alto Networks Released A Mega Malware Analysis Tutorials Useful for Every Malware Analyst
Palo Alto Networks has published an extensive malware analysis tutorial detailing the dissection of a sophisticated .NET-based threat that delivers...
Read more →
Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection
The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology,...
Read more →
Google Requires Crypto App Developers to Have License or Certification From Relevant Authorities
Google Play has implemented comprehensive licensing requirements for cryptocurrency exchanges and software wallets, fundamentally reshaping the mobile app ecosystem for...
Read more →
Threat Actors Using CrossC2 Tool to Expand Cobalt Strike to Operate on Linux and macOS
A sophisticated threat campaign has emerged that leverages CrossC2, an unofficial extension tool that expands Cobalt Strike’s notorious capabilities beyond...
Read more →
New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking...
Read more →
New NFC-Driven PhantomCard Android Malware Attacking Banking Users
A sophisticated new Android malware dubbed PhantomCard has emerged from the shadows of Brazil’s cybercriminal underground, representing a significant evolution...
Read more →
2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware
A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular...
Read more →