Truesight.sys Driver Abused to Bypass EDR and Deliver HiddenGh0st RAT
Attackers have reportedly exploited a vulnerable Windows driver, Truesight.sys, to bypass Endpoint Detection and Response (EDR) systems and deploy the […]
Alert
Chinese Salt Typhoon Hackers Exploit Cisco Flaw CVE-2018-0171 to Target U.S. Telecoms
Cisco has confirmed that a Chinese state-backed hacking group, known as Salt Typhoon, exploited a known security vulnerability (CVE-2018-0171) to
Signal Users Targeted in New QR Code Phishing Attacks
Cybercriminals aligned with Russia have been actively exploiting the linked devices feature in Signal, the popular privacy-focused messaging app, to
Golang-Based Malware Uses Telegram to Evade Detection
A Golang-based backdoor is leveraging Telegram for command-and-control (C2) communications, making it harder to detect and mitigate. Cybersecurity researchers at
High-Severity Palo Alto PAN-OS Vulnerability Alert: CVE-2025-0108
Palo Alto Networks has released crucial security updates to fix a high-severity vulnerability in its PAN-OS software that could allow
CVE-2025-24200: Apple Patches Zero-Day Exploit Targeting iPhones
Apple has released out-of-band security updates on Monday to address a critical vulnerability in iOS and iPadOS. This zero-day flaw,
Zimbra Issues Critical Security Patches for SQL Injection, XSS, and SSRF Flaws
Zimbra, a widely used collaboration and email platform, has released a series of critical security updates to patch vulnerabilities that
Critical Trimble Cityworks Flaw Under Attack: CISA Issues Urgent Alert
Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited security vulnerability in Trimble Cityworks,
Critical Veeam Flaw Exposes Backup Systems to Remote Code Execution
Veeam has released security patches to fix a critical vulnerability in its Backup software that could allow attackers to execute
Lightning AI Security Breach: Hidden URL Parameter Could Have Given Hackers Root Access
Cybersecurity researchers have uncovered a critical vulnerability in the Lightning AI Studio development platform that could have enabled remote code
J-magic Backdoor: Juniper Routers Under Attack by Magic Packet Exploit
Juniper Networks, a key provider of enterprise-grade networking solutions, has become the focal point of a sophisticated cyber campaign labeled
CISA Warns of Active Exploitation of Five-Year-Old jQuery Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a medium-severity cross-site scripting (XSS) vulnerability, CVE-2020-11023, to its
PANdora’s Box: Palo Alto Firewall Secure Boot Bypass and Firmware Exploits
An in-depth evaluation of three firewall models from Palo Alto Networks has exposed significant vulnerabilities, ranging from Secure Boot bypass
Zero-Click Exploit in Google Messages Affecting Galaxy S23 and S24 Models
A security flaw affecting Samsung smartphones has been uncovered, posing a significant risk to user safety. Cybersecurity researchers have detailed
CISA Warns of Active Exploitation in Mitel and Oracle Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about three critical vulnerabilities impacting Mitel MiCollab and