QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features
Jan 23, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has...
Read more →News Archive
View All →
Open-Source ClamAV Releases Critical Security Patch Updates – What’s Inside!
The ClamAV team has announced the release of security patch updates for ClamAV versions 1.4.2 and 1.0.8. These updates address...
Read more →
SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We...
Read more →
New Cookie Sandwich Technique Let Attackers Bypass HttpOnly Flag On Servers
A newly discovered attack technique, dubbed the “cookie sandwich,” enables attackers to bypass the HttpOnly flag on certain servers, exposing...
Read more →
Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability
ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128)....
Read more →
Cisco addresses a critical privilege escalation bug in Meeting Management
Cisco addresses a critical privilege escalation bug in Meeting Management Pierluigi Paganini January 23, 2025 Cisco addressed a critical flaw...
Read more →
New Supply Chain Attack Targeting Chrome Extensions To Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has compromised at least 35 Chrome extensions, potentially exposing over 2.6...
Read more →
Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely
A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw...
Read more →
Bitsight Instant Insights accelerates vendor risk assessments
Bitsight unveiled Instant Insights, a new offering from the Bitsight IQ suite of AI-based capabilities. The new feature leverages generative...
Read more →
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users....
Read more →
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Jan 23, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has released software updates to address a critical security flaw impacting Meeting...
Read more →
De Niro Faces Cyber Crisis
Netflix has dropped the first official trailer for its upcoming limited series “Zero Day”, and it’s a chilling glimpse into...
Read more →