Weaponized PyPI Package Targets Developers to Steal Source Code
Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on...
Read more →Category: GBHackers
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
EclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide....
Read more →
Researchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
A group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a...
Read more →
Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access.
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked...
Read more →
New Microsoft Scripting Engine Vulnerability Exposes Systems to Remote Code Attacks
Critical zero-day vulnerability in Microsoft’s Scripting Engine (CVE-2025-30397) has been confirmed to enable remote code execution (RCE) attacks over networks,...
Read more →
Critical 0-Day in Windows DWM Enables Privilege Escalation
Microsoft has disclosed a significant security vulnerability (CVE-2025-30400) affecting the Windows Desktop Window Manager (DWM) that is actively being exploited...
Read more →
Critical 0-Day in Windows DWM Enables Privilege Escalation
Microsoft has disclosed a significant security vulnerability (CVE-2025-30400) affecting the Windows Desktop Window Manager (DWM) that is actively being exploited...
Read more →
Swan Vector APT Targets Organizations with Malicious LNK and DLL Implants
A newly identified advanced persistent threat (APT) campaign, dubbed “Swan Vector” by Seqrite Labs, has been targeting educational institutions and...
Read more →
Researchers Introduce Mythic Framework Agent to Enhance Pentesting Tool Performance
Penetration testing is still essential for upholding strong security procedures in a time when cybersecurity threats are changing quickly. Recently,...
Read more →
Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day
CVE Number CVE Title Impact Max Severity CVE-2025-29966 Remote Desktop Client Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-29967...
Read more →
Fortinet FortiVoice O-Day Vulnerability Actively Exploited in The Wild
A critical stack-based buffer overflow vulnerability (CWE-121) has been discovered in multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and...
Read more →
Ivanti Released Security Updates to fix the Multiple RCE Vulnerabilities
Ivanti, a leading enterprise software provider, has released critical security updates addressing vulnerabilities across several products, including Endpoint Manager Mobile...
Read more →