Unpatched Dell PowerProtect Systems Vulnerable to Remote Compromise
A significant security vulnerability has been identified in Dell Technologies PowerProtect Data Domain systems, posing a risk of unauthorized system compromise. The vulnerability, tracked as...
View ArticlePoisonSeed Campaign: Uncovering a Web of Cryptocurrency and Email Provider...
Silent Push Threat Analysts have uncovered a sophisticated campaign targeting enterprise organizations, VIP individuals, and cryptocurrency holders, dubbed “PoisonSeed.” This campaign involves a...
View ArticleNew Evasive Campaign Uses Fake CAPTCHAs to Deliver LegionLoader
Netskope Threat Labs has uncovered a new malicious campaign that employs deceptive tactics to distribute the LegionLoader malware. This campaign leverages fake CAPTCHAs and CloudFlare Turnstile to...
View ArticleCVE-2025-31115: XZ Utils Hit Again with High-Severity Multithreaded Decoder Bug
XZ Utils is a widely used suite of tools and libraries that provide data compression functionality. Known for its efficient compression, XZ Utils is often preferred for creating smaller files than...
View ArticlepgAdmin 4 Vulnerabilities Expose Databases to Remote Code Execution and XSS
The widely utilized PostgreSQL administration tool, pgAdmin 4, has recently addressed two significant security vulnerabilities that pose substantial risks to database environments. The latest release,...
View ArticleBitdefender GravityZone Console Hit by Critical PHP Deserialization...
A critical-severity vulnerability has been discovered in the Bitdefender GravityZone Console, posing a significant risk to affected systems. The flaw, tracked as CVE-2025-2244 (CVSSv4 9.5), is an...
View ArticleMinIO Urgently Patches High-Severity Incomplete Signature Validation...
MinIO, a high-performance object storage server compatible with Amazon S3, has released a patch to address a critical security vulnerability. The vulnerability, tracked as CVE-2025-31489, involves...
View ArticleLazarus Group Expands Malicious Campaign on npm, Targets Developers with New...
A new report from the Socket Research Team reveals that North Korean threat actors, known for the “Contagious Interview” operation, have intensified their malicious activities within the npm ecosystem....
View ArticleLinux Kernel Vulnerability Exposes Local Systems to Privilege Escalation, PoC...
A security researcher has recently disclosed technical details and proof-of-concept (PoC) exploit code for a vulnerability in the Linux kernel’s Performance Events system component. This flaw,...
View ArticleMajor Cybersecurity Events (31st March – 6th April 2025)
In the past week, several significant cybersecurity incidents have made headlines – including high-impact data breaches, and newly discovered or exploited vulnerabilities. Below is a structured summary...
View ArticleHow to Discover Real IPs Behind Cloudflare-Protected Websites
Cloudflare is widely known for masking the real IP addresses of websites it protects—safeguarding them from DDoS attacks, scanning, and direct targeting. However, in the hands of ethical security...
View ArticleEU Targets Musk’s X with Potential $1B Fine for Violating Digital Services Act
Following prior investigations and penalties under the Digital Markets Act against companies including Google, the European Union has now turned its attention to Elon Musk’s platform, X, which may...
View ArticleOpenAI Delays GPT-5 Launch, Will Release GPT-o3 and o4-mini
Back in February, OpenAI unveiled its roadmap for future AI models, stating at the time that GPT-4.5 would be the company’s final non-reasoning-chain model. GPT-5, according to OpenAI, was intended to...
View ArticleMediaTek’s April 2025 Security Bulletin: Critical WLAN Vulnerability Exposes...
MediaTek has released its April 2025 Product Security Bulletin, detailing a range of security vulnerabilities affecting its various chipsets. The bulletin covers vulnerabilities in chipsets used in...
View ArticleX (Twitter) to Sell Inactive Usernames!
The social platform X (formerly Twitter) has long entertained the notion of monetizing dormant usernames—handles tied to long-abandoned or suspended accounts. These usernames are considered digital...
View ArticleOpenAI Prepares to Watermark GPT-4o-Generated Images with ImageGen
Developer @btibor91 on the social platform X (Twitter) has discovered that OpenAI appears to be preparing to introduce watermarking to images generated by its GPT-4o model on the Android version of...
View ArticleSec-Gemini v1: Google’s AI Beats Rivals in Threat Analysis
Google has recently unveiled an experimental AI model, Sec-Gemini v1, tailored to meet cybersecurity demands. Built upon the Gemini framework, Sec-Gemini v1 integrates Google Threat Intelligence (GTI),...
View ArticlePoC Released for CVE-2025-3155: Yelp Flaw Can Expose SSH Keys on Ubuntu Systems
A security vulnerability, identified as CVE-2025-3155, has been discovered in Yelp, the GNOME user help application that comes pre-installed on Ubuntu desktop. The vulnerability involves the way Yelp...
View ArticlePexip Issues Urgent Security Update to Address Critical Vulnerabilities
Pexip, a leading provider of self-hosted video conferencing platforms, has released a security bulletin detailing critical vulnerabilities in its Infinity platform. Critical Heap-Based Buffer Overflow...
View ArticleSmishing Triad Expands Fraud Campaign, Targets Toll Payment Services
A China-based cybercriminal group known as the Smishing Triad is escalating its smishing activities, now targeting consumers in the US and UK with fraudulent text messages related to toll payment...
View Article