LegionLoader Malware Downloader Resurfaces with 2,000+ New Samples
A new analysis from the TEHTRIS Threat Intelligence team details the resurgence of LegionLoader, a sophisticated malware downloader The post LegionLoader Malware Downloader Resurfaces with 2,000+ New...
View ArticleThe Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks
Phishing attacks are no longer the domain of elite hackers. With the rise of Phishing-as-a-Service (PhaaS), cybercriminals of The post The Rise of Phishing-as-a-Service: How Cybercriminals are...
View ArticleMalicious Models on Hugging Face: A New Threat to AI Development
New research from ReversingLabs has uncovered a novel technique for distributing malware on the Hugging Face platform, exploiting The post Malicious Models on Hugging Face: A New Threat to AI...
View ArticleAlabama Man Pleads Guilty in Bitcoin Price Manipulation Scheme Involving...
Eric Council Jr., a 25-year-old from Athens, Alabama, has pleaded guilty to charges related to the January 2024 The post Alabama Man Pleads Guilty in Bitcoin Price Manipulation Scheme Involving Hacked...
View ArticleMultiple Security and Privacy Flaws Found in DeepSeek iOS App
A recent security and privacy assessment by NowSecure has uncovered multiple severe vulnerabilities in the DeepSeek iOS mobile The post Multiple Security and Privacy Flaws Found in DeepSeek iOS App...
View ArticleGitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical...
Security researcher Hakivvi has published an in-depth analysis of CVE-2025-23369 (CVSSv4 7.6), a vulnerability that allows attackers to The post GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369)...
View ArticleGoogle’s reCAPTCHA Fails to Stop Bots—But It’s Great at Harvesting Your Data
Google’s reCAPTCHA verification system has drawn widespread criticism from users, who find tasks such as selecting traffic lights, The post Google’s reCAPTCHA Fails to Stop Bots—But It’s Great at...
View ArticleGoogle Chrome Tests AI-Driven Auto Password Change for Breached Accounts
Major web browsers have already integrated password breach alerts, automatically notifying users if their credentials have been found The post Google Chrome Tests AI-Driven Auto Password Change for...
View Article$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended
The UK’s National Crime Agency (NCA), in conjunction with Europol, the US Federal Bureau of Investigation, the Bavarian The post $16 Million Ransomware Operation Shut Down: 8Base Masterminds...
View ArticleRobust Open Online Safety Tools (ROOST): Tech Giants Unite to Build AI-Era...
Roblox, Discord, OpenAI, and Google have announced the formation of a non-profit organization called “ROOST” (Robust Open Online The post Robust Open Online Safety Tools (ROOST): Tech Giants Unite to...
View ArticleSAP Security Patch Day February 2025: Multi Vulnerabilities Addressed
SAP has released its latest round of security patches, addressing 19 new vulnerabilities and updating 2 previous Security The post SAP Security Patch Day February 2025: Multi Vulnerabilities Addressed...
View ArticleCVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run...
Ivanti has issued a security advisory regarding critical vulnerabilities in its Cloud Services Application (CSA). The vulnerabilities, identified The post CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA...
View ArticleCVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks
A high-severity vulnerability has been discovered in OpenSSL, a widely-used cryptography library that secures countless websites and online The post CVE-2024-12797 – High-Severity OpenSSL Flaw: Update...
View ArticleMicrosoft Patches Actively Exploited Zero-Day Flaws – CVE-2025-21418 &...
Microsoft has rolled out its February 2025 Patch Tuesday security updates, addressing 67 vulnerabilities across multiple products. This The post Microsoft Patches Actively Exploited Zero-Day Flaws –...
View ArticleUS Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for...
The U.S. Department of the Treasury, in a coordinated effort with Australia and the United Kingdom, has announced The post US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for...
View ArticleMicrosoft Releases Final Cumulative Update for Exchange Server 2019 – Here’s...
Microsoft announced the release of the 2025 H1 Cumulative Update (CU15) for Exchange Server 2019, marking the final The post Microsoft Releases Final Cumulative Update for Exchange Server 2019 – Here’s...
View ArticleCVE-2025-1143: Billion Electric Routers Vulnerable to Remote Takeover Due to...
The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a security advisory warning of a The post CVE-2025-1143: Billion Electric Routers Vulnerable to Remote Takeover...
View ArticleDevolutions Warns of Severe RDM Vulnerabilities Allowing Encrypted...
Devolutions, a leading provider of remote connection management solutions, has issued a security advisory addressing critical vulnerabilities affecting The post Devolutions Warns of Severe RDM...
View ArticleCVE-2025-24032, CVE-2025-24531, and More: Critical Flaws in PAM-PKCS#11...
The PAM-PKCS#11 login module, a widely used tool for X.509 certificate-based user login on Linux systems, has been The post CVE-2025-24032, CVE-2025-24531, and More: Critical Flaws in PAM-PKCS#11...
View ArticleSandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber...
The notorious Sandworm APT (APT44), a Russian-state-sponsored threat actor affiliated with the GRU (Russia’s Main Intelligence Directorate), has The post Sandworm APT Exploits Trojanized KMS Tools to...
View Article