Critical Plesk Vulnerability Allows Users to Gain Root-Level Access
A critical security vulnerability has been discovered in Plesk, a widely used web hosting control panel, that enables unauthorised users to escalate privileges and gain…
Latest Cybersecurity News — Page 769
View all →
Kali Linux 2025.4: New tools and “quality-of-life” improvements
OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related…
How to make developer self-service succeed
The aim for all software developer team leaders is to find a happy place where developers spend their day developing and deploying code. The platform…
Japan Holds First Public-Private Cybersecurity Drill
Japan is set to hold its first public-private sector tabletop exercise to prepare for large-scale cyberattacks, particularly targeting critical infrastructure. The drill, scheduled for December…
NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks
NVIDIA has released urgent security patches for its Merlin machine learning framework after discovering two high-severity deserialization vulnerabilities that could enable attackers to execute malicious…
The Execution Playbook For Indian Companies
Shashank Bajpai, CISO & CTSO at Yotta 2026 is the execution year for India’s Digital Personal Data Protection (DPDP) regime , the Rules were notified…
Windows Remote Access Connection Manager Vulnerability Enables Arbitrary Code Execution
A critical security issue involving the Windows Remote Access Connection Manager (RasMan) that allows local attackers to execute arbitrary code with System privileges. While investigating CVE-2025-59230,…
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems
CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused…
Prometheus: Open-source metrics and monitoring systems and services
Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps…
CISA Adds Sierra Router Vulnerability to KEV Catalogue Following Active Exploitation
A critical vulnerability affecting Sierra Wireless routers has been added to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes after evidence emerged that the…
EDR Process Sideloading to Conceal Malicious Activity
Initial access broker Storm-0249 has evolved from a mass phishing operation into a sophisticated threat actor weaponizing legitimate Endpoint Detection and Response (EDR) processes through…
How researchers are teaching AI agents to ask for permission the right way
People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what…