Skip to content

The latest cybersecurity news, threat intelligence, and C2 development news enhanced by AI

All News
Red-Team
Blue-Team
Threat Intelligence
- CVE News
- Data Breaches
Cyber Laws & Regulations
Other

Search for:

Join The Newsletter

Home
News
Session Hijacking

Session Hijacking

Securing the Browser: The New Enterprise Perimeter and Attack Surface

Blue-Team

Securing the Browser: The New Enterprise Perimeter and Attack Surface

The modern web browser has become the primary interface for enterprise work, hosting sensitive data, credentials, and...

Over 3,000 NetScaler Devices Remain Unpatched Against CitrixBleed 2 Vulnerability

CVE News

Over 3,000 NetScaler Devices Remain Unpatched Against CitrixBleed 2 Vulnerability

As of August 2025, more than 3,300 Citrix NetScaler devices remain vulnerable to CitrixBleed 2 (CVE-2025-5777), a...

Over 46,000 Unpatched Grafana Instances Vulnerable to Account Takeover via Open Redirect Flaw

CVE News

Over 46,000 Unpatched Grafana Instances Vulnerable to Account Takeover via Open Redirect Flaw

More than 46,000 internet-facing Grafana instances remain unpatched against a high-severity vulnerability (CVE-2025-4123) that chains an open...

GitLab Patches Critical Account Takeover and Pipeline Hijacking Vulnerabilities

CVE News

GitLab Patches Critical Account Takeover and Pipeline Hijacking Vulnerabilities

GitLab has released security updates addressing multiple high-severity vulnerabilities in its DevSecOps platform, including flaws that could...

WhatsApp Account Hijacking: Tactics, Detection, and Mitigation

Threat Intelligence

WhatsApp Account Hijacking: Tactics, Detection, and Mitigation

Cybercriminals are increasingly targeting WhatsApp accounts to impersonate victims and conduct fraudulent activities, such as emergency scams...

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Red-Team

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

A newly documented proof-of-concept attack named “Cookie-Bite” demonstrates how malicious Chrome extensions can hijack browser session cookies...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

Bug Bounties & Responsible Disclosure
Cyber Laws & Regulations
Exploitation
Malware Analysis
Red-Team
SIEM & Detection Engineering

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

A critical vulnerability, CVE-2025-2609, has been identified in MagnusSolution’s MagnusBilling software, a widely used billing and call...

You may have missed

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

November 9, 2025

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Threat Intelligence

FileFix Attack Evolves with Cache Smuggling to Evade Detection

October 8, 2025

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

Blue-Team

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

October 8, 2025

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

News

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

October 8, 2025

Copyright © All rights reserved.