News

NHS Vendor Advanced Fined £3M for Security Failures Leading to 2022 Ransomware Attack

Cyber Laws & Regulations

NHS Vendor Advanced Fined £3M for Security Failures Leading to 2022 Ransomware Attack

The UK Information Commissioner’s Office (ICO) has confirmed that NHS software supplier Advanced will pay £3.07 million...

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

Malware Analysis

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

Cybercriminals are exploiting DeepSeek’s growing popularity by distributing malware through fake sponsored Google ads, according to a...

Grandoreiro Banking Trojan Resurfaces in Phishing Campaigns Targeting Latin America and Europe

APT-News

Grandoreiro Banking Trojan Resurfaces in Phishing Campaigns Targeting Latin America and Europe

The Grandoreiro banking trojan has reemerged in new phishing campaigns targeting users in Latin America and Europe,...

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-25686) has been identified in SEMCMS versions 5.0 and earlier, posing significant...

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

CVE News

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-28138, has been identified in TOTOLINK A800R routers...

HTCondor Authorization Bypass Vulnerability (CVE-2025-30093): Technical Analysis and Mitigation

CVE News

HTCondor Authorization Bypass Vulnerability (CVE-2025-30093): Technical Analysis and Mitigation

A critical authorization bypass vulnerability in HTCondor, tracked as CVE-2025-30093, has been disclosed, affecting multiple versions of...

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

Data Breach

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

A recent breach at Oracle Health has exposed sensitive patient data across multiple US hospitals, raising concerns...

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

Bug Bounties & Responsible Disclosure

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

OpenAI has significantly increased its maximum bug bounty payout from $20,000 to $100,000 for critical security vulnerabilities...

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Threat Intelligence

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Sam’s Club, the Walmart-owned retail warehouse chain, is currently investigating claims of a data breach linked to...

Analysis of the 13M Indian Bank User Data Breach and Related Cyber Threats

Data Breach

Analysis of the 13M Indian Bank User Data Breach and Related Cyber Threats

A recent alleged data breach has reportedly exposed the personal information of over 13 million Indian bank...

Europcar Data Breach Controversy: AI-Fabricated or Legitimate Threat?

Data Breach

Europcar Data Breach Controversy: AI-Fabricated or Legitimate Threat?

A recent claim of a 37GB Europcar data breach on the dark web has sparked debate among...

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

Threat Intelligence

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

A newly uncovered phishing-as-a-service (PhaaS) platform, named “Morphing Meerkat,” has been leveraging DNS mail exchange (MX) records...

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

CVE News

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

A newly disclosed path traversal vulnerability (CVE-2024-54291) in Apache’s NotFound PluginPass has been rated with a high...

Morphing Meerkat PhaaS Operation Leverages DNS-over-HTTPS for Evasion

Threat Intelligence

Morphing Meerkat PhaaS Operation Leverages DNS-over-HTTPS for Evasion

A newly identified phishing-as-a-service (PhaaS) operation, dubbed Morphing Meerkat by researchers, has adopted DNS-over-HTTPS (DoH) to bypass...

DeBackdoor: Detecting and Mitigating Backdoor Attacks in Deep Learning Models

Blue-Team
News
Security Tools & Research

DeBackdoor: Detecting and Mitigating Backdoor Attacks in Deep Learning Models

Deep learning models power critical systems like autonomous vehicles and medical diagnostics, but their reliance on complex...

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

Malware Analysis

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

Elastic Security Labs has uncovered a sophisticated malware campaign targeting Iraq’s telecommunications sector, utilizing a new malware...

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

APT-News

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

Russian state-aligned hackers have launched a sophisticated phishing campaign impersonating the U.S. Central Intelligence Agency (CIA) to...

Federal Cybersecurity in the Cloud Era: Challenges and Solutions

Blue-Team

Federal Cybersecurity in the Cloud Era: Challenges and Solutions

The shift to cloud computing has introduced new cybersecurity challenges for U.S. Federal agencies, particularly in maintaining...

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

A newly discovered SQL injection vulnerability in the widely used GLPI IT Service Management (ITSM) tool poses...

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

Data Breach

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

MailChimp, a widely used email marketing platform, has become a prime target for cybercriminals employing sophisticated phishing...

Red-Team News

NHS Vendor Advanced Fined £3M for Security Failures Leading to 2022 Ransomware Attack

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

Grandoreiro Banking Trojan Resurfaces in Phishing Campaigns Targeting Latin America and Europe

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

HTCondor Authorization Bypass Vulnerability (CVE-2025-30093): Technical Analysis and Mitigation

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Analysis of the 13M Indian Bank User Data Breach and Related Cyber Threats

Europcar Data Breach Controversy: AI-Fabricated or Legitimate Threat?

Phishing-as-a-Service Platform Morphing Meerkat Exploits DNS MX Records to Spoof 100+ Brands

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

DeBackdoor: Detecting and Mitigating Backdoor Attacks in Deep Learning Models

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

Russian Cyber Espionage Campaign Impersonates CIA to Target Ukrainian Defense Intelligence

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

You may have missed

Asahi Group Ransomware Attack: Qilin Gang Compromises Data of 1.9 Million

Australian Man Sentenced for “Evil Twin” WiFi Attacks Targeting Airports and Flights

GitLab Public Repository Scan Uncovers Widespread Exposure of Live Secrets

GreyNoise IP Check: A Free Tool for Botnet Detection and IP Reputation Monitoring