Hackers Use GitHub C2 and Call Stack Spoofing in Latest Malware Attacks
Cybersecurity researchers have uncovered an updated version of the malware loader known as Hijack Loader, which incorporates advanced techniques to […]
PostgreSQL Under Attack: Fileless Malware Infects 1,500+ Cloud Servers
Cybercriminals are actively exploiting misconfigured PostgreSQL servers to deploy a fileless cryptominer, with over 1,500 systems compromised. Security researchers at
Google Introduces End-to-End Encryption for Enterprise Gmail Users
Google has introduced a major security upgrade for enterprise Gmail users, enabling them to send end-to-end encrypted (E2EE) emails across
Malware in WordPress: Hackers Exploit mu-Plugins to Hijack Images and Links
Cybercriminals are exploiting a little-known feature in WordPress known as “mu-plugins” to inject malicious code, enabling persistent access to infected
Quick Machine Recovery: Microsoft’s Solution to Windows 11 Startup Issues
Microsoft is testing a new feature in Windows 11 called Quick Machine Recovery, designed to remotely resolve boot crashes caused
Mozilla Fixes High-Risk Firefox Vulnerability Similar to Chrome’s Zero-Day
Mozilla has rolled out critical security updates for its Firefox browser on Windows, addressing a severe vulnerability that could allow
Google Patches High-Severity Chrome Vulnerability: CVE-2025-2783
Google has released an urgent security update to fix a high-severity zero-day vulnerability in its Chrome browser. The flaw, tracked
CVE-2025-29927: Next.js Vulnerability Exposes Websites to Authorization Bypass
A vulnerability in Next.js, an open-source React framework, could allow attackers to bypass authorization mechanisms, exposing web applications to security
Massive Oracle Cloud Hack Exposes 140,000 Enterprises: Hackers Demand Ransom
A massive security breach in Oracle Cloud has put over 140,000 enterprise customers at risk. A hacker exploited a vulnerability
Microsoft’s Code-Signing Service Misused for Malware Attacks
Cyber experts have disclose a way to exploit Microsoft’s Trusted Signing service to sign malware with short-lived three-day certificates, giving
UK’s NCSC Issues Roadmap for Post-Quantum Cryptography Transition
The UK’s National Cyber Security Centre (NCSC) has issued new guidance urging organizations to fully transition to post-quantum cryptography (PQC)
CVE-2025-23120: Veeam Fixes High-Risk Flaw Targeted by Ransomware Gangs
Veeam has released an important security update to fix a critical remote code execution (RCE) vulnerability in its Backup &
Persistent Malware ‘DollyWay’ Infects 20,000 WordPress Sites Since 2016
A large-scale malware campaign known as ‘DollyWay’ has been silently compromising WordPress websites since 2016. Over the past eight years,
NAKIVO Backup Vulnerability Under Attack: CISA Issues Urgent Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over a newly exploited security flaw in NAKIVO Backup
GitHub Actions Breach Exposes Secrets: CISA Issues Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability affecting GitHub Actions,