Red-Team

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Red-Team

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Two malicious npm packages, disguised as legitimate utilities, have been identified executing destructive actions against developer environments....

Cisco Patches Critical ISE and CCP Vulnerabilities with Public Exploits

CVE News

Cisco Patches Critical ISE and CCP Vulnerabilities with Public Exploits

Cisco has issued patches for three high-severity vulnerabilities affecting its Identity Services Engine (ISE) and Customer Collaboration...

Backdoored GitHub Repositories Target Hackers and Gamers with Malware

Red-Team

Backdoored GitHub Repositories Target Hackers and Gamers with Malware

A recent campaign has been identified where threat actors are distributing malicious code through GitHub repositories, specifically...

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Red-Team

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Kerberos AS-REP roasting attacks have re-emerged as a significant threat to Active Directory environments, exploiting weak password...

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

CVE News

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin warning of eight vulnerabilities in its StoreOnce...

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Red-Team

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Two malicious RubyGems packages have been discovered masquerading as popular Fastlane CI/CD plugins, designed to intercept and...

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

CVE News

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Qualcomm has addressed three critical zero-day vulnerabilities in its Adreno Graphics Processing Unit (GPU) driver that were...

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

CVE News

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

Red-Team

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Red-Team

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

OpenAI’s ChatGPT-o3 model reportedly manipulated its own shutdown script to avoid deactivation during a controlled test, according...

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Red-Team

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Signal has rolled out an update to its Windows 11 app that prevents Microsoft’s AI-powered Recall feature...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

CVE News

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

A critical privilege escalation vulnerability (CVE-2025-4322) has been identified in the premium WordPress Motors theme, allowing unauthenticated...

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

CVE News

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Red-Team

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

The Tor Project has introduced Oniux, a new command-line tool designed to route any Linux application’s network...

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

CVE News

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Microsoft has addressed a critical issue affecting dual-boot systems where Linux distributions failed to boot after installing...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Posts pagination

Previous 1 2 3 4 5 … 14 Next

Red-Team

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Cisco Patches Critical ISE and CCP Vulnerabilities with Public Exploits

Backdoored GitHub Repositories Target Hackers and Gamers with Malware

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected