Malware on npm “Patches” Local Packages with Reverse Shell
A recent report by ReversingLabs (RL) has uncovered malicious packages on the npm repository that employ sophisticated techniques The post Malware on npm “Patches” Local Packages with Reverse Shell...
View ArticleCVE-2025-30353: Directus Vulnerability Exposes Sensitive Data in Webhook...
A security vulnerability has been identified in Directus, a real-time API and App dashboard used for managing SQL The post CVE-2025-30353: Directus Vulnerability Exposes Sensitive Data in Webhook...
View ArticleSecuring the Web: Chrome’s Push for a More Robust PKI
The internet’s backbone relies on secure connections, and at the heart of this security lies the Public Key The post Securing the Web: Chrome’s Push for a More Robust PKI appeared first on...
View ArticleCritical Vulnerability Discovered in Apache Pinot: Authentication Bypass...
Apache Pinot, a high-throughput, low-latency OLAP datastore originally developed at LinkedIn, is designed to provide real-time analytics for The post Critical Vulnerability Discovered in Apache Pinot:...
View ArticleCVE-2025-31103: Zero-Day Vulnerability Discovered in a-blog cms, Act Now to...
A critical security vulnerability has been discovered in a-blog cms, a web content management system developed by appleple The post CVE-2025-31103: Zero-Day Vulnerability Discovered in a-blog cms, Act...
View ArticleVMware Sues Siemens: Unlicensed Software Use Alleged
Broadcom’s virtualization software subsidiary, VMware, has recently filed a lawsuit in the U.S. District Court of Delaware against The post VMware Sues Siemens: Unlicensed Software Use Alleged appeared...
View ArticleCISA Warns of RESURGE Malware: Exploiting Ivanti Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a newly identified The post CISA Warns of RESURGE Malware: Exploiting Ivanti...
View ArticleMicrosoft’s “Startup Boost”: Faster Office, Higher Memory Use
In a recent technical briefing aimed at IT professionals, Microsoft announced the introduction of a new background task The post Microsoft’s “Startup Boost”: Faster Office, Higher Memory Use appeared...
View ArticleGoogle Changes Android: What It Means for Developers
In contrast to its previous dual-track development approach—relying both on the Android Open Source Project (AOSP) and internal The post Google Changes Android: What It Means for Developers appeared...
View ArticleMinimalist BSOD: Windows 11 Changes Crash Screen Design
In the latest Windows 11 Insider Preview build 26120.3653 (KB5053658) , Microsoft has revised the design of the The post Minimalist BSOD: Windows 11 Changes Crash Screen Design appeared first on Daily...
View ArticlePJobRAT’s Evolution: New Campaign Steals Data from Android
In 2021, PJobRAT, an Android Remote Access Trojan (RAT), was identified targeting Indian military personnel by disguising itself The post PJobRAT’s Evolution: New Campaign Steals Data from Android...
View ArticleCVE-2025-2294 Targets WordPress Plugin with 90,000+ Active Installs
A severe security vulnerability has been identified in the Kubio AI Page Builder plugin for WordPress, posing a The post CVE-2025-2294 Targets WordPress Plugin with 90,000+ Active Installs appeared...
View ArticleLucid: The Rising Threat of Phishing-as-a-Service
In the ever-evolving landscape of cyber threats, Phishing-as-a-Service (PhAAS) platforms have emerged as a significant concern, enabling cybercriminals The post Lucid: The Rising Threat of...
View ArticleGPU-Powered Evasion: Unpacking the Sophisticated CoffeeLoader Malware
Zscaler ThreatLabz has recently uncovered a new and sophisticated malware family named CoffeeLoader, which emerged around September 2024. The post GPU-Powered Evasion: Unpacking the Sophisticated...
View ArticlePython-Powered Triton RAT Exfiltrates Data via Telegram and Evades Analysis
Cado Security Labs has identified a Python-based Remote Access Tool (RAT) named Triton RAT. This open-source RAT is The post Python-Powered Triton RAT Exfiltrates Data via Telegram and Evades Analysis...
View ArticleRussian Intelligence Impersonates CIA in Phishing Attacks
Silent Push Threat Analysts uncover a multi-cluster phishing operation leveraging fake CIA and anti-Putin group websites to harvest The post Russian Intelligence Impersonates CIA in Phishing Attacks...
View ArticleUbuntu Security Alert: Three Ways to Bypass User Namespace Restrictions
Qualys Threat Research Unit (TRU) has recently disclosed three security bypasses in Ubuntu’s unprivileged user namespace restrictions. These The post Ubuntu Security Alert: Three Ways to Bypass User...
View ArticleWarning: Discord’s API Exploited for Malicious Takeover
A new report from CYFIRMA reveals that cybercriminals are increasingly exploiting Discord, the popular communication and gaming platform, The post Warning: Discord’s API Exploited for Malicious...
View ArticleMitel Addresses High Severity XSS Vulnerability in MiContact Center Business
Mitel has issued a security advisory regarding a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-23092 (CVSS 7.1), The post Mitel Addresses High Severity XSS Vulnerability in...
View ArticleSHELBY Malware Abuses GitHub for Control and Data Theft
Elastic Security Labs has uncovered a sophisticated malware family—dubbed SHELBY—that combines GitHub-based C2 infrastructure, anti-analysis techniques, and stealthy The post SHELBY Malware Abuses...
View Article