Zimbra users targeted in zero-day exploit using iCalendar attachments
Zimbra users targeted in zero-day exploit using iCalendar attachments Pierluigi Paganini October 06, 2025 Threat actors exploited a Zimbra zero-day...
Read more →News Archive
View All →
PoC Exploit Released for Sudo Vulnerability that Enables Attackers to Gain Root Access
A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo...
Read more →
Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control
Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools...
Read more →
A week in security (September 29 – October 5)
October 3, 2025 – After posting children’s photos online and issuing ransom demands, cybercriminals targeting Kido nurseries say they’ve erased...
Read more →
Reading the ENISA Threat Landscape 2025 report
Reading the ENISA Threat Landscape 2025 report Pierluigi Paganini October 06, 2025 ENISA Threat Landscape 2025: Rising ransomware, AI phishing,...
Read more →
Hackers Weaponize AWS X-Ray Service to Work as Covert Command & Control Server
A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and...
Read more →
Redis Server Use-After-Free Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Redis Server that could allow authenticated attackers to achieve remote code execution...
Read more →
Old authentication habits die hard
Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and...
Read more →
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day...
Read more →
PoC Exploit Released for Remotely Exploitable Oracle E-Business Suite 0-Day Vulnerability
A critical zero-day vulnerability in Oracle E-Business Suite has emerged as a significant threat to enterprise environments, with proof-of-concept (PoC)...
Read more →
Researchers Expose Its Antivirus Bypass Methods
SpyCloud Labs analysts have successfully reverse-engineered Asgard Protector, a sophisticated crypter tool prominently used to hide malicious payloads from antivirus detection...
Read more →
How to succeed at cybersecurity job interviews
Imagine this: you’ve made it through the résumé screen, your skills look solid on paper, and now it’s interview day....
Read more →