Top 3 SOC Bottlenecks and How to Solve Them
Attackers evolve faster than most organizations can update their defenses. That’s why 2026 will be defined not by whether incidents happen but by how efficiently and proactively…
Category: CyberSecurityNews
CISA Warns of Apple WebKit Vulnerability 0-Day Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical zero-day vulnerability in Apple WebKit that is currently being actively exploited in attacks. CISA has added CVE-2025-43529 to…
Fortinet FortiWeb Vulnerability (CVE-2025-64446) Exploited in the Wild for Full Admin Takeover
Threat actors have been actively exploiting a critical path-traversal vulnerability in Fortinet’s FortiWeb web application firewall since early October 2025, allowing unauthenticated attackers to create rogue administrator…
Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges
A new local privilege escalation vulnerability in Microsoft’s Windows Admin Center (WAC), affecting versions up to 2.4.2.1 and environments running WAC 2411 and earlier. Tracked…
NoName057(16) Hackers Using DDoSia DDoS Tool to Attack Organizations in NATO
NoName057(16), also known as 05716nnm or NoName05716, has emerged as a significant threat targeting NATO member states and European organizations. The group, which originated as…
FreePBX Vulnerabilities Enables Authentication Bypass that Leads Remote Code Execution
FreePBX has addressed critical vulnerabilities enabling authentication bypass and remote code execution in its Endpoint Manager module. Discovered by Horizon3.ai researchers, these flaws affect telephony…
SantaStealer Attacks Users to Exfiltrates Sensitive Documents, Credentials, and Wallet Data
A new information stealer called SantaStealer has emerged as a serious threat to Windows users worldwide. This malware-as-a-service tool is being aggressively marketed through Telegram…
Popular Chrome Extension with Over 6 Million Installs Captures User Inputs to AI Chatbots
A widely trusted Chrome extension with more than 6 million users has been discovered secretly collecting and selling conversations from major AI platforms. Urban VPN…
SoundCloud Confirms Data Breach Following VPN and Access Issues
SoundCloud has confirmed a security incident involving unauthorized access to user data, revealing that hackers exfiltrated email addresses and public profile information from approximately 20%…
New GhostPairing Attack Let Attackers Gain Full Access in WhatsApp with Phone Number
A newly discovered account takeover campaign targeting WhatsApp users demonstrates how attackers can compromise messaging accounts without stealing passwords or exploiting technical vulnerabilities. The threat,…
Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild
An active intrusion is targeting critical authentication bypass vulnerabilities in Fortinet’s FortiGate appliances and related products. Threat actors are exploiting CVE-2025-59718 and CVE-2025-59719 to perform…
PornHub Breached by ShinyHunters Group and Premium Members Data Stolen
The notorious hacking collective ShinyHunters has claimed responsibility for a major data breach at Mixpanel, a popular analytics provider, exposing limited user data tied to…