Your blog category
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation… Read More »CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the… Read More »Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as… Read More »Artificial Intelligence – What’s all the fuss?
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late… Read More »State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools,… Read More »Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in… Read More »Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions.… Read More »Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog,… Read More »CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.… Read More »Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase… Read More »Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler