Two New Zero Day Flaws Bypass BitLocker and Elevate Privileges on Windows
Chaotic Eclipse reveals two zero day flaws, one bypassing BitLocker encryption via the Windows Recovery Environment and another elevating privileges through the CTFMON framework.
The Latest
Attackers Exploit Unpatched PraisonAI API Authentication Gap
Attackers began probing PraisonAI deployments within hours of the advisory, scanning for the exposed /agents and /chat endpoints on internet…
Active Exploitation of PAN-OS Flaw Grants Attackers Root Access
Palo Alto Networks warns of active exploitation of a PAN-OS remote code execution vulnerability by state-sponsored actors, with patches expected…
Massive Phishing Wave Uses Fake Code of Conduct Scare to Steal Credentials
Microsoft uncovered a credential theft campaign that used fake code of conduct violations to trick 35,000 users across 13,000 organizations…
New Linux Kernel Flaw Gives Attackers Root Access on Multiple Distributions
The Dirty Frag vulnerability exploits two separate kernel page cache write flaws to provide reliable root access without requiring race…
Critical Cisco SD WAN Controller Flaw Under Active Attack Allows Admin Takeover
Cisco warns of active attacks exploiting a maximum severity authentication bypass in Catalyst SD WAN Controller that grants attackers full…
AI Generates Synthetic Attack Telemetry to Stress Test Defenses
Microsoft researchers use large language models to generate realistic command lines and process trees for simulating human operated intrusions in…
Massive npm Package Compromise Injects Malware Into 170+ Developer Tools
A supply chain attack compromised 170 npm packages using worm like malware that steals GitHub, AWS, and Kubernetes credentials from…
AI Hallucinations Create New Attack Vectors in Cybersecurity Operations
New benchmark data reveals that most major AI models are more likely to produce confidently wrong answers than correct ones,…
Ghostwriter Group Deploys Geofenced PDFs to Target Ukrainian Government Systems
Ghostwriter uses region restricted PDF files to deliver Cobalt Strike payloads exclusively to Ukrainian government targets, evading global security researchers.
Apache HTTP Server HTTP/2 Bug Opens Door to Service Disruption and Code Execution
A double free error in Apache's HTTP/2 stream handling allows attackers to crash servers with a single connection, with potential for remote code execution on some Linux systems.
Critical Heap Buffer Overflow Found in NGINX Rewrite Module Affects All Versions
An 18 year old heap buffer overflow in NGINX's rewrite module allows unauthenticated remote code execution through crafted HTTP requests.
Microsoft Teams for Android Bug Opens Door to Device Spoofing Attacks
A local spoofing vulnerability in Microsoft Teams for Android, rated Important, has been patched and could allow attackers to impersonate…
Fake JPEG Images Used to Install Trojanized Remote Access Tool on Windows Systems
Operation SilentCanvas uses JPEG named files containing PowerShell scripts to install a trojanized version of ConnectWise ScreenConnect for persistent remote…
Spotlight
Fortinet Fixes Critical Authentication Gap in Sandbox Platform
Fortinet released patches for five vulnerabilities including a critical unauthenticated authorization bypass in FortiSandbox that could expose sensitive analysis data to remote attackers.
Exim Mail Server Hit by Critical Remote Code Execution Flaw
The Dead.Letter vulnerability lets unauthenticated attackers achieve full server compromise through a single byte heap corruption in the Exim mail server.
Dell SupportAssist Bug Triggers Widespread Windows System Crashes
A faulty Dell SupportAssist Remediation update is causing BSOD loops every 30 minutes on Dell and Alienware laptops, with a manual uninstall serving as the temporary fix.
Mythos AI Reveals macOS Kernel Bugs That Break Apple’s Memory Defenses
Security researchers used techniques from Anthropic's Mythos AI to find two macOS privilege escalation bugs that defeat Apple's kernel memory protections.
Features
Missing Server-Side Checks in Amazon Quick Exposed AI Agents to Blocked Users
The backend API for Amazon Quick AI agents failed to enforce custom permissions, allowing restricted users to query the tool…
Decade Old Heap Flaw in Nginx Opens Door to Remote Code Execution
An 18 year old heap buffer overflow in Nginx's rewrite module, disclosed with a working exploit, allows unauthenticated code execution…
New Linux RAT Targets Developer Machines to Hijack Software Supply Chains
The Quasar Linux RAT specifically targets developer workstations, using compromised credentials to gain access to software development pipelines and potentially…
Active Attacks Target Palo Alto Networks Firewall Vulnerability
Palo Alto Networks has confirmed that a critical PAN-OS vulnerability is being actively exploited in the wild, allowing remote code…
Pamdoora Malware Hijacks Linux Login System to Capture Credentials
The Pamdoora backdoor targets Linux authentication modules to silently record SSH passwords and maintain persistent remote access.
Why Most Vulnerability Fixes Go Unverified
Most security teams apply patches without ever testing whether the fix actually worked, leaving hidden gaps that attackers can exploit.
