News

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

CVE News

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

A critical SQL injection vulnerability (CVE-2025-26898) has been identified in the Shinetheme Traveler WordPress theme, affecting versions...

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

CVE News

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

CVE News

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

Tencent’s $1.25B Investment in Ubisoft: Strategic Implications for Gaming and Cybersecurity

News

Tencent’s $1.25B Investment in Ubisoft: Strategic Implications for Gaming and Cybersecurity

Chinese tech giant Tencent has acquired a 25% stake in a newly formed Ubisoft subsidiary for $1.25...

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Threat Intelligence

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...

Emerging Ransomware Threats: Arkana and Frag Groups Target Global Enterprises in March 2025

APT-News

Emerging Ransomware Threats: Arkana and Frag Groups Target Global Enterprises in March 2025

The cybersecurity landscape witnessed a surge in ransomware activity in late March 2025, with two new threat...

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

News

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

A critical vulnerability (CVE-2025-26909) has been identified in the Hide My WP Ghost WordPress plugin, affecting over...

Federal Judge Orders Trump Administration to Preserve Signal Messages Amid Legal Battle Over Record-Keeping Violations

Cyber Laws & Regulations

Federal Judge Orders Trump Administration to Preserve Signal Messages Amid Legal Battle Over Record-Keeping Violations

A federal judge has issued a directive to the Trump administration to preserve Signal messages exchanged among...

Private Contact Details of Trump Administration Officials Exposed Online

Data Breach

Private Contact Details of Trump Administration Officials Exposed Online

Confidential contact information belonging to former Trump administration officials was reportedly discovered publicly accessible online, raising significant...

Sensitive Data of U.S. Security Officials Exposed in Online Leak

Data Breach

Sensitive Data of U.S. Security Officials Exposed in Online Leak

Private data and passwords belonging to senior U.S. security officials were discovered exposed online, raising concerns about...

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Cyber Laws & Regulations

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Defense contractor MORSECORP Inc. has agreed to pay $4.6 million to resolve allegations of cybersecurity fraud involving...

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

News

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Reports indicate that a prominent Indonesian educational technology platform may have been the target of a cybersecurity...

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

Data Breach

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

A threat actor has allegedly obtained and leaked approximately 10GB of stolen login credentials, posing a significant...

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

Threat Intelligence

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

Security researchers have identified active exploitation of a high-severity Microsoft Exchange vulnerability (CVE-2023-XXXX) in targeted phishing campaigns...

Strengthening Defenses Against Identity-Based Cyber Attacks

News

Strengthening Defenses Against Identity-Based Cyber Attacks

Identity-based attacks remain one of the most pervasive threats in cybersecurity, leveraging stolen or compromised credentials to...

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

APT-News

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

A new ransomware-as-a-service (RaaS) operation dubbed “VanHelsing” has surfaced, targeting multiple operating systems and employing double extortion...

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

CVE News

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

A severe remote code execution (RCE) vulnerability has been identified in the Ingress NGINX Controller, allowing attackers...

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

APT-News

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

In a coordinated international operation, INTERPOL has arrested 306 suspects and seized 1,842 electronic devices in a...

Red-Team News

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

Tencent’s $1.25B Investment in Ubisoft: Strategic Implications for Gaming and Cybersecurity

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Emerging Ransomware Threats: Arkana and Frag Groups Target Global Enterprises in March 2025

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

Federal Judge Orders Trump Administration to Preserve Signal Messages Amid Legal Battle Over Record-Keeping Violations

Private Contact Details of Trump Administration Officials Exposed Online

Sensitive Data of U.S. Security Officials Exposed in Online Leak

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

Strengthening Defenses Against Identity-Based Cyber Attacks

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

You may have missed

Trump Administration Considers TikTok Deal Allowing Chinese Algorithm Ownership

How Intezer’s AI SOC Balances Automation with Human Expertise

How Security Platformization Improves Threat Response and Operational Efficiency

World Backup Day: Essential Strategies for Enterprise Data Protection