Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse
12
Sep
2025

Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse

A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js…

Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control
12
Sep
2025

Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control

Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access…

Cloud block storage: Key benefits and use cases
12
Sep
2025

Cloud block storage: Key benefits and use cases

Cloud block storage allows organisations to run applications that depend on high throughput and low latency in the cloud. The…

UK’s Legal Aid Agency discloses a data breach following April cyber attack
12
Sep
2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

UK train operator LNER (London North Eastern Railway) discloses a data breach Pierluigi Paganini September 12, 2025 LNER warns of…

Samsung
12
Sep
2025

Samsung patches actively exploited zero-day reported by WhatsApp

Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. Tracked as…

New Malware Using Azure Functions For Hosting Command And Control Infrastructure
12
Sep
2025

New Malware Using Azure Functions For Hosting Command And Control Infrastructure

A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel…

Malware Campaign Uses SVG Email Attachments to Deploy XWorm and Remcos RAT
12
Sep
2025

Malware Campaign Uses SVG Email Attachments to Deploy XWorm and Remcos RAT

Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and…

Why Runtime Visibility Must Take Center Stage
12
Sep
2025

Why Runtime Visibility Must Take Center Stage

The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default…

Post Office Horizon accounts are still a mess and replacement system is years away
12
Sep
2025

Post Office Horizon accounts are still a mess and replacement system is years away

Fujitsu’s Horizon system continues to produce erratic figures in branch accounts, which the Post Office can’t explain, with millions of…

Apple addressed the seventh actively exploited zero-day
12
Sep
2025

Apple issues spyware warnings as CERT-FR confirms attacks

Apple issues spyware warnings as CERT-FR confirms attacks Pierluigi Paganini September 12, 2025 Apple warned users of a spyware campaign;…

Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges
12
Sep
2025

Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges

Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity….

Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
12
Sep
2025

Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts

In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted…