The Oligo Research team has disclosed a critical vulnerability in Meta’s widely used Llama-stack framework. This vulnerability, tracked as CVE-2024-50050, allows remote attackers to execute arbitrary…
Free Webinar – DevSecOps Hacks By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all…
A major cybersecurity incident has come to light, with more than 370 Ivanti Connect Secure (ICS) devices reportedly compromised through the exploitation of a zero-day…
The cybersecurity landscape witnessed a surge in ransomware activity during the latter half of 2024 and into early 2025, with the emergence of operations like…
Salt Typhoon, a state-sponsored Advanced Persistent Threat (APT) group linked to the People’s Republic of China (PRC), has executed one of the most sophisticated cyber-espionage…
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability in Subaru’s STARLINK connected vehicle…
The New York State Department of Financial Services (NYDFS) has imposed a $2 million penalty on PayPal, Inc. for breaches of the state’s stringent cybersecurity…
A startling security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave vulnerability, potentially allowing attackers to control air conditioning, lighting,…
In a recent technical investigation, researchers uncovered critical insights into the infrastructure linked to a suspected Chinese state-backed cyber actor referred to as “RedGolf.” The…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range of critical systems. These advisories…
In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages to deliver the Lumma Stealer malware. Lumma, a malware-as-a-service (MaaS)…
A sophisticated cyber campaign dubbed “J-magic” has been discovered targeting enterprise-grade Juniper routers with a backdoor attack that leverages a passive monitoring agent. The operation,…
