OpenSSH ProxyCommand Flaw Allows Remote Code Execution
Security researchers have uncovered a critical flaw in OpenSSH’s ProxyCommand feature that can be leveraged to achieve remote code execution on client systems. Tracked as…
Security researchers have uncovered a critical flaw in OpenSSH’s ProxyCommand feature that can be leveraged to achieve remote code execution on client systems. Tracked as…
Popular social platform Discord has suffered a data breach—though technically, it wasn’t Discord itself that was hacked. A third-party customer support provider was compromised, allowing…
Time Manipulation Allows Hackers to Trigger Y2K38 Bug Today Widely known time-related software bugs that could cause significant disruptions when triggered in more than a…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft Windows. Known as CVE-2021-43226, this…
Scattered Spider has shifted its operational strategy, moving away from chaotic data leaks toward a more structured and professional model of cybercrime. Now functioning as…
CISA has issued an urgent security advisory, adding Microsoft Windows privilege escalation vulnerability CVE-2021-43226 to its Known Exploited Vulnerabilities (KEV) catalog on October 6, 2025. …
A critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory…
U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 07, 2025 U.S. Cybersecurity…
Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Artificial intelligence–powered attacks are the…
A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a…
The hacker collective styling itself “Scattered Lapsus$ Hunters”—an alliance echoing elements of ShinyHunters, Scattered Spider, and Lapsus$—has launched an extortionware portal to pressure victims into…
Oracle has issued an emergency security alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite after the notorious Cl0p ransomware group began extorting…