News

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

APT-News

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

Russian state-aligned hackers have launched a sophisticated phishing campaign impersonating the U.S. Central Intelligence Agency (CIA) to...

Federal Cybersecurity in the Cloud Era: Challenges and Solutions

Blue-Team

Federal Cybersecurity in the Cloud Era: Challenges and Solutions

The shift to cloud computing has introduced new cybersecurity challenges for U.S. Federal agencies, particularly in maintaining...

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

A newly discovered SQL injection vulnerability in the widely used GLPI IT Service Management (ITSM) tool poses...

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

Data Breach

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

MailChimp, a widely used email marketing platform, has become a prime target for cybercriminals employing sophisticated phishing...

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Red-Team

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Recent research highlights a significant shift in red team operations as artificial intelligence becomes more sophisticated. A...

UK Faces “Daily” Hybrid Attacks from Russia, Warns Former Defence Committee Chair

Threat Intelligence

UK Faces “Daily” Hybrid Attacks from Russia, Warns Former Defence Committee Chair

The former Chairman of the UK’s Defence Select Committee, Tobias Ellwood, has issued a stark warning about...

Microsoft Resolves Remote Desktop Issues Caused by Windows 11 24H2 Updates

Blue-Team

Microsoft Resolves Remote Desktop Issues Caused by Windows 11 24H2 Updates

Microsoft has addressed critical Remote Desktop Protocol (RDP) and Remote Desktop Services (RDS) connectivity issues stemming from...

Massive JavaScript Injection Campaign Redirects 150,000 Sites to Gambling Platforms

Threat Intelligence

Massive JavaScript Injection Campaign Redirects 150,000 Sites to Gambling Platforms

A widespread cyberattack has compromised over 150,000 legitimate websites by injecting malicious JavaScript that redirects visitors to...

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

Threat Intelligence

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

In a significant blow to the Blacklock ransomware group, cybersecurity firm Resecurity exploited a vulnerability in the...

Tor Browser 14.0.8 Emergency Update: Critical Security Fixes for Windows

Blue-Team

Tor Browser 14.0.8 Emergency Update: Critical Security Fixes for Windows

The Tor Project has issued an emergency update, Tor Browser 14.0.8, exclusively for Windows users. This release...

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

CVE News

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Mozilla has issued an emergency update for Firefox on Windows to address a critical sandbox escape vulnerability...

Meta AI’s European Expansion: Features, Limitations, and Security Implications

News

Meta AI’s European Expansion: Features, Limitations, and Security Implications

Meta has officially launched its AI assistant, Meta AI, across 41 European countries, marking a significant step...

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

CVE News

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

A critical security flaw in NetApp SnapCenter, tracked as CVE-2025-26512, could allow authenticated users to escalate privileges...

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

Threat Intelligence

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

A widespread cyber campaign has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript code that redirects...

Why CASB Solutions Fall Short Against Shadow SaaS and the Browser-Based Security Alternative

News

Why CASB Solutions Fall Short Against Shadow SaaS and the Browser-Based Security Alternative

Organizations increasingly rely on SaaS applications for critical operations, from CRMs to payment processors, but traditional Cloud...

APT36 Targets Indian Users with Spoofed India Post Website Delivering Cross-Platform Malware

APT-News

APT36 Targets Indian Users with Spoofed India Post Website Delivering Cross-Platform Malware

An advanced persistent threat (APT) group linked to Pakistan has been observed impersonating India’s postal service to...

Morphing Meerkat PhaaS Exploits DNS MX Records to Target 114 Brands

Threat Intelligence

Morphing Meerkat PhaaS Exploits DNS MX Records to Target 114 Brands

A newly uncovered phishing-as-a-service (PhaaS) platform, dubbed Morphing Meerkat, is dynamically impersonating over 114 brands by abusing...

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

CVE News

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Threat Intelligence

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Cybersecurity researchers have uncovered a campaign involving hijacked npm packages, some over nine years old, that were...

PJobRAT Malware Targets Taiwanese Users Through Fake Chat Apps

APT-News

PJobRAT Malware Targets Taiwanese Users Through Fake Chat Apps

A new campaign involving the Android malware PJobRAT has been identified, specifically targeting users in Taiwan through...

Red-Team News

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

UK Faces “Daily” Hybrid Attacks from Russia, Warns Former Defence Committee Chair

Microsoft Resolves Remote Desktop Issues Caused by Windows 11 24H2 Updates

Massive JavaScript Injection Campaign Redirects 150,000 Sites to Gambling Platforms

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

Tor Browser 14.0.8 Emergency Update: Critical Security Fixes for Windows

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Meta AI’s European Expansion: Features, Limitations, and Security Implications

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

APT36 Targets Indian Users with Spoofed India Post Website Delivering Cross-Platform Malware

Morphing Meerkat PhaaS Exploits DNS MX Records to Target 114 Brands

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

PJobRAT Malware Targets Taiwanese Users Through Fake Chat Apps

You may have missed

Trump’s TikTok Decision: National Security, Ownership, and April 5 Deadline

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks