ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
06 Mar 2025

A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks…

Hackers Deploy AI Deepfake of YouTube CEO in Credential Theft Scam
06 Mar 2025

YouTube CEO Neal Mohan was impersonated in a deepfake phishing scam. Learn about the attack, how to spot the red…

Outsmarting Cyber Threats with Attack Graphs
06 Mar 2025

Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on…

Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
06 Mar 2025

Elastic has issued an urgent security advisory for a critical vulnerability in Kibana, tracked as CVE-2025-25012, that allows authenticated attackers…

LibreOffice Vulnerability Let Attackers Execute Arbitrary Script Using Macro URL
06 Mar 2025

A critical security vulnerability in LibreOffice, tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks…

Naveen Goud
06 Mar 2025

Broadcom issues VMware patch alert and Microsoft Silk Typhoon Cyber Threat

Broadcom Urges VMware Customers to Address Zero-Day Vulnerabilities: Broadcom, a leading American semiconductor company and now the owner of VMware,…

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
06 Mar 2025

Mar 06, 2025Ravie LakshmananData Breach / Website Security Over 1,000 websites powered by WordPress have been infected with a third-party…

Phantom Goblin 
06 Mar 2025

Credential Theft And Remote Access

A new malware campaign named Phantom Goblin, identified and analyzed by Cyble, uses information-stealing malware that uses social engineering techniques…

SecP0 Ransomware Group Threatens Organizations to Leak Vulnerability Details
06 Mar 2025

A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom…

Google Silently Tracks Android Device Even No Apps Opened by User
06 Mar 2025

Google collects and stores significant amounts of user data on Android devices, even when users haven’t opened any Google apps….

Big bank systems crashed for over 800 hours in last two years due to IT outages
06 Mar 2025

Nine of the UK’s biggest banks accumulated over 33 days of IT downtime over the last two years with millions…

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor
06 Mar 2025

Pierluigi Paganini, March 06, 2025: China-linked Lotus Blossom APT targets…