Urgent Update: Three Critical Flaws Patched in UniFi OS
Ubiquiti releases emergency patches for three maximum severity flaws in UniFi OS that allow unauthenticated remote attackers to compromise systems.
The Latest
ShinyHunters Leaks Data of 185,000 Individuals After 7-Eleven Breach
The convenience store chain disclosed that attackers accessed franchisee document systems in April, leading to the exposure of hundreds of…
Agentic AI Transforms NDR from Alert Overload to Strategic Intelligence
Agentic AI transforms Network Detection and Response by autonomously correlating high data volumes to surface hidden threats, freeing analysts from…
Edge Device Breach: F5 BIG-IP Exploited as Gateway to Enterprise Networks
Attackers used an outdated F5 BIG-IP load balancer as an initial entry point to gain SSH access to a Linux…
ConnectWise Automate Plugin Flaw Opens Door to Remote Code Execution
A high severity flaw in ConnectWise Automate's plugin loading mechanism could allow network based attackers to run malicious code without…
Anthropic Prepares Commercial Release of Claude Mythos AI Model for Enterprise Security
Technical signals and internal documents suggest Anthropic is preparing to offer its previously restricted Claude Mythos AI model through Claude…
Active Attacks Target NGINX Buffer Overflow Flaw
Attackers are actively exploiting a critical NGINX buffer overflow vulnerability that can crash worker processes and potentially enable remote code…
Push Fatigue Attacks Exploit Users to Bypass Multi Factor Security
Attackers exploit human psychology by flooding users with push notifications until they accidentally approve a login request, bypassing the security…
Multiple Vendors Issue Critical Security Patches for Code Execution and Injection Flaws
Ivanti, Fortinet, SAP, VMware, and n8n have released critical security patches addressing remote code execution, SQL injection, and authentication bypass…
CERT-In Imposes 12 Hour Patching Window for Exposed Systems Due to AI Threats
CERT-In's new 12 hour patching mandate for internet facing systems aims to counter the rising threat of AI driven automated…
Cybercriminals Exploit RCS and iMessage for Sophisticated Financial Attacks
Phishing services are exploiting encrypted messaging protocols like RCS and iMessage to bypass traditional carrier filters that block malicious SMS links.
New Open Source Framework Automates Bug Bounty Testing with 50 Specialized Agents
The open source Pentest Agent Suite brings a validator gate and persistent memory tracker to automate vulnerability discovery across seven…
New Payload Ransomware Combines ChaCha20 and Curve25519 to Lock Windows Systems
The Payload ransomware uses per file ChaCha20 encryption with Curve25519 key exchange and aggressively deletes backups and logs before locking…
7-Zip NTFS Handler Flaw Opens Door to Code Execution Attacks
A buffer overflow in 7-Zip's NTFS handler allows attackers to hijack program execution simply by tricking a user into opening…
Spotlight
Active Exploitation of KnowledgeDeliver LMS Flaw Deploys Memory-Only Web Shell
Mandiant discovered attackers exploiting a shared ASP.NET machine key flaw in KnowledgeDeliver LMS to deploy the BLUEBEAM in-memory web shell.
Iranian Hackers Weaponize Search Rankings to Spread Malware Disguised as Database Tool
An Iranian state linked group used search engine optimization tricks to rank a fake SQL Developer download page at the top of search results, delivering a backdoor to unsuspecting users.
InvisibleFerret Malware Shifts to Binary Form to Avoid Script-Based Detection
The malware associated with the Void Dokkaebi threat actor now uses Cython to compile Python code into binary .pyd and .so files, bypassing traditional script detection rules.
Attackers Exploit CDN Infrastructure Flaw to Bypass Domain Reputation Defenses
A novel attack called Underminr exploits shared CDN architecture to route malicious traffic through trusted domains, potentially exposing over 88 million domains hosted on Cloudflare, Akamai, and other major providers.
Features
Cloud Atlas APT Hijacks Windows RDP to Hide Ongoing Attacks
Cloud Atlas modifies the Windows termsrv.dll file to bypass RDP session limits, enabling stealthy simultaneous access with legitimate users.
Malicious Tags Used to Inject Credential Stealer Into Laravel-Lang Packages
Attackers rewrote git tags in Laravel-Lang PHP packages to inject a credential stealing payload that executes silently on application startup.
Choosing the Right Malware Sandbox for Advanced Threat Analysis
A detailed guide to understanding how malware sandboxes provide behavioral analysis to detect evasive threats that bypass traditional signature based…
Drupal PostgreSQL SQL Injection Flaw Faces Active Exploitation
Drupal has confirmed active attacks against a critical SQL injection vulnerability in its database abstraction API affecting PostgreSQL-based sites.
Microsoft Patches Active Defender Flaws Under Attack
Microsoft releases emergency patches for two actively exploited Defender security flaws, including a privilege escalation bug that gives attackers full…
GitHub Investigation Points to VS Code Extension Attack in Source Code Theft
Attackers accessed thousands of GitHub internal repositories by compromising an employee device through a malicious Visual Studio Code extension.