Exploit

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

CVE News

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

A critical supply chain attack has compromised Ripple’s official xrpl.js NPM package, injecting malicious code designed to...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Baltimore Public Schools Ransomware Attack: Technical Breakdown of Black Basta’s VMware ESXi Exploit

Data Breach

Baltimore Public Schools Ransomware Attack: Technical Breakdown of Black Basta’s VMware ESXi Exploit

In February 2024, Baltimore City Public Schools suffered a significant ransomware attack compromising over 25,000 records of...

SK Telecom USIM Data Breach: Malware Attack Exposes Customer Authentication Data

Data Breach

SK Telecom USIM Data Breach: Malware Attack Exposes Customer Authentication Data

South Korea’s largest mobile operator, SK Telecom, has confirmed a malware attack compromising sensitive USIM-related customer data,...

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Red-Team

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

A newly documented proof-of-concept attack named “Cookie-Bite” demonstrates how malicious Chrome extensions can hijack browser session cookies...

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

CVE News

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

A high-severity vulnerability (CVE-2025-2594) has been identified in the WordPress User Registration & Membership plugin, allowing unauthenticated...

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

CVE News

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

A critical buffer overflow vulnerability (CVE-2025-3786) has been identified in Tenda AC15 routers, affecting firmware versions up...

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE News

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

A recently patched vulnerability in Verizon’s Call Filter iOS app allowed unauthorized access to call metadata for...

FBI Warns of Medusa Ransomware Targeting Gmail and Outlook Users: Mitigation and Analysis

Threat Intelligence

FBI Warns of Medusa Ransomware Targeting Gmail and Outlook Users: Mitigation and Analysis

The FBI has issued an urgent advisory warning Gmail and Outlook users about a surge in Medusa...

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

Data Breach

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

A recent breach at Oracle Health has exposed sensitive patient data across multiple US hospitals, raising concerns...

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Threat Intelligence

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Sam’s Club, the Walmart-owned retail warehouse chain, is currently investigating claims of a data breach linked to...

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

Data Breach

MailChimp Security Breaches: Phishing, Social Engineering, and Session Hijacking Tactics

MailChimp, a widely used email marketing platform, has become a prime target for cybercriminals employing sophisticated phishing...

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

Threat Intelligence

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

In a significant blow to the Blacklock ransomware group, cybersecurity firm Resecurity exploited a vulnerability in the...

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

Threat Intelligence

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

A widespread cyber campaign has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript code that redirects...

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

Threat Intelligence

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

A recent ASEC report reveals intensifying cyber threats against financial institutions in South Korea and worldwide, with...

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

CVE News

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

A malicious campaign is targeting security researchers by distributing a fake proof-of-concept (PoC) exploit for the LDAPNightmare...

NCSC.nl Warns of Cl0p Ransomware Campaigns Targeting File Transfer Systems

Exploitation
Threat Intelligence

NCSC.nl Warns of Cl0p Ransomware Campaigns Targeting File Transfer Systems

The Nationaal Cyber Security Centrum (NCSC) of the Netherlands has issued a warning regarding a series of cyberattacks...

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

CVE News
Exploitation

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

The National Cyber Security Centre (NCSC) has reported a significant surge in ransomware attacks targeting critical vulnerabilities...

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

Bug Bounties & Responsible Disclosure
Cyber Laws & Regulations
Exploitation
Malware Analysis
Red-Team
SIEM & Detection Engineering

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

A critical vulnerability, CVE-2025-2609, has been identified in MagnusSolution’s MagnusBilling software, a widely used billing and call...

Posts pagination

Previous 1 2

Exploit

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Baltimore Public Schools Ransomware Attack: Technical Breakdown of Black Basta’s VMware ESXi Exploit

SK Telecom USIM Data Breach: Malware Attack Exposes Customer Authentication Data

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

FBI Warns of Medusa Ransomware Targeting Gmail and Outlook Users: Mitigation and Analysis

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

Sam’s Club Faces Potential Clop Ransomware Attack: Investigation Underway

Blacklock Ransomware Infrastructure Compromised: Inside the Breach That Exposed Future Attacks

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

NCSC.nl Warns of Cl0p Ransomware Campaigns Targeting File Transfer Systems

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected