Threat actors exploited a known vulnerability, CVE-2023-22527, a template injection flaw in Atlassian Confluence servers exposed to the internet. This exploit facilitated remote code execution…
A reliable VMware environment reporting tool, RVTools, was momentarily infiltrated earlier this week on May 13, 2025, to disseminate the sneaky Bumblebee loader virus, serving…
Cybersecurity and Infrastructure Security Agency (CISA) has announced significant changes to how it communicates cybersecurity updates and guidance to stakeholders. In a recent announcement, CISA…
Security researchers have identified new methods for achieving persistence in Active Directory environments by exploiting Delegated Managed Service Accounts (dMSAs), a new security feature introduced…
Security researchers have disclosed a significant vulnerability in the GNU C Library (glibc), potentially affecting millions of Linux systems worldwide. The flaw, identified as CVE-2025-4802,…
Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities across major enterprise platforms and earning $435,000 in bounties.…
Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research. The…
Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to…
A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a multi-stage…
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March…
A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the…
Critical vulnerability chain in Ivanti Endpoint Manager Mobile (EPMM) has exposed enterprise mobile device management systems to pre-authenticated remote code execution (RCE) attacks. The flaws,…
