Ivanti Addresses Critical EPMM Zero-Day Vulnerabilities Exploited in Code Execution Attacks
Ivanti has alerted its clientele regarding critical security vulnerabilities identified in the Ivanti Endpoint Manager Mobile (EPMM) software, emphasizing the urgency of applying patches to mitigate risks associated with…
Ivanti has alerted its clientele regarding critical security vulnerabilities identified in the Ivanti Endpoint Manager Mobile (EPMM) software, emphasizing the urgency of applying patches to mitigate risks associated with…
Turkey-Aligned Hackers Exploit Zero-Day Vulnerability to Target Iraqi Kurdish Entities
A cyber threat actor, believed to have connections with Turkish governmental interests, has been detected exploiting unpatched user accounts affected by a vulnerability (CVE-2025-27920) in Output Messenger, a multiplatform…
A cyber threat actor, believed to have connections with Turkish governmental interests, has been detected exploiting unpatched user accounts affected by a vulnerability (CVE-2025-27920) in Output Messenger, a multiplatform…
Zoom Addresses Critical Vulnerability in Recent Update
Zoom has addressed several security vulnerabilities within its Workplace Apps, including a particularly high-risk flaw. The company is urging users to promptly update their applications to mitigate potential risks…
Zoom has addressed several security vulnerabilities within its Workplace Apps, including a particularly high-risk flaw. The company is urging users to promptly update their applications to mitigate potential risks…
International Cybercrime Addressed: Amsterdam Police and FBI Successfully Neutralize Proxy Service Anyproxy
In a significant international operation, law enforcement authorities from Amsterdam, in collaboration with the Public Prosecution Service and the U.S. Federal Bureau of Investigation (FBI), have successfully dismantled the…
In a significant international operation, law enforcement authorities from Amsterdam, in collaboration with the Public Prosecution Service and the U.S. Federal Bureau of Investigation (FBI), have successfully dismantled the…
Compromised PyPI Package Imitating Solana Tool Leads to Source Code Exfiltration in 761 Instances
Cybersecurity researchers have identified a malicious package within the Python Package Index (PyPI) repository, masquerading as an application related to the Solana blockchain. This package, termed solana-token, has been…
Cybersecurity researchers have identified a malicious package within the Python Package Index (PyPI) repository, masquerading as an application related to the Solana blockchain. This package, termed solana-token, has been…
SAP Addresses Second Zero-Day Vulnerability Targeted in Recent Attack Campaigns
SAP has released critical security patches to address a second vulnerability that has been exploited in recent attacks targeting SAP NetWeaver servers. The new vulnerability, identified as CVE-2025-42999, was…
SAP has released critical security patches to address a second vulnerability that has been exploited in recent attacks targeting SAP NetWeaver servers. The new vulnerability, identified as CVE-2025-42999, was…
DPRK-Backed TA406 Conducts Malicious Campaigns Against Ukraine
A new cyber espionage campaign has emerged, targeting Ukrainian government entities, according to recent findings from cybersecurity researchers. This operation has been linked to the North Korean state-aligned threat…
A new cyber espionage campaign has emerged, targeting Ukrainian government entities, according to recent findings from cybersecurity researchers. This operation has been linked to the North Korean state-aligned threat…
CISA Includes TeleMessage Vulnerability in KEV List After Security Breach
CISA has officially added a vulnerability found in TeleMessage to its Known Exploited Vulnerabilities (KEV) list. This decision comes in light of a recent breach that compromised multiple organizations,…
CISA has officially added a vulnerability found in TeleMessage to its Known Exploited Vulnerabilities (KEV) list. This decision comes in light of a recent breach that compromised multiple organizations,…
Investigation Initiated into N.W.T. Medical Record System Following Two Reported Incidents of Unauthorized Access
Medical records represent some of the most sensitive information managed by government agencies. Recent incidents involving employees of the Northwest Territories Health and Social Services Authority underscore the vulnerability…
Medical records represent some of the most sensitive information managed by government agencies. Recent incidents involving employees of the Northwest Territories Health and Social Services Authority underscore the vulnerability…
North Korean Konni APT Leverages Malware to Monitor Developments in the Russian Invasion of Ukraine
The North Korean threat actor known as Konni APT has recently been implicated in a phishing campaign targeting government entities in Ukraine, expanding its focus beyond previous targets in…
The North Korean threat actor known as Konni APT has recently been implicated in a phishing campaign targeting government entities in Ukraine, expanding its focus beyond previous targets in…
North Korea Intensifies Cyber Espionage Activities in Ukraine to Evaluate Conflict Risks
The state-sponsored North Korean hacking group known as Konni (also referred to as Opal Sleet or TA406) has intensified its cyber espionage operations directed at Ukrainian governmental organizations. This…
The state-sponsored North Korean hacking group known as Konni (also referred to as Opal Sleet or TA406) has intensified its cyber espionage operations directed at Ukrainian governmental organizations. This…
European Vulnerability Database Introduced in Response to US CVE Disruptions
Europe’s cybersecurity agency has officially launched a comprehensive vulnerability database initiative, aimed to aid network defenders amidst ongoing challenges in the U.S. vulnerability management sector.
The new European Vulnerability…
Europe’s cybersecurity agency has officially launched a comprehensive vulnerability database initiative, aimed to aid network defenders amidst ongoing challenges in the U.S. vulnerability management sector.
The new European Vulnerability…
Data Breach: Exposure of Information from 3 Million Students and Coaches in PrepHero-Linked Database
A recent security breach at PrepHero, a college recruiting platform, has resulted in the exposure of millions of unencrypted records, encompassing sensitive personal information of users. This incident raises…
A recent security breach at PrepHero, a college recruiting platform, has resulted in the exposure of millions of unencrypted records, encompassing sensitive personal information of users. This incident raises…
Microsoft Addresses 78 Vulnerabilities, Including 5 Exploited Zero-Day Threats; Critical CVSS 10 Vulnerability Affects Azure DevOps Server
Microsoft has released updates to address 78 security vulnerabilities across its software ecosystem, including five critical zero-day vulnerabilities currently under active exploitation.
Among the resolved vulnerabilities, 11 have been…
Microsoft has released updates to address 78 security vulnerabilities across its software ecosystem, including five critical zero-day vulnerabilities currently under active exploitation.
Among the resolved vulnerabilities, 11 have been…
Twilio Refutes Claims of Data Breach in Response to Alleged Leakage of Steam Two-Factor Authentication Codes
Twilio has issued a statement denying any breach of its systems after a threat actor claimed to possess over 89 million Steam user records, including one-time access codes. The…
Twilio has issued a statement denying any breach of its systems after a threat actor claimed to possess over 89 million Steam user records, including one-time access codes. The…
Emerging ‘Chihuahua Stealer’ Malware Compromises Browser Data and Cryptocurrency Wallets
A new infostealer, identified as “Chihuahua Stealer,” combines traditional malware tactics with advanced functionalities, raising concerns within the cybersecurity community. The malware was initially reported by a Reddit user…
A new infostealer, identified as “Chihuahua Stealer,” combines traditional malware tactics with advanced functionalities, raising concerns within the cybersecurity community. The malware was initially reported by a Reddit user…
Apple Agrees to Settlement of $95 Million in Siri Surveillance Litigation – Application Details Enclosed
Apple has agreed to pay $95 million to settle allegations regarding unauthorized recordings made by Siri, its voice-activated assistant. This settlement comes in response to claims that the company…
Apple has agreed to pay $95 million to settle allegations regarding unauthorized recordings made by Siri, its voice-activated assistant. This settlement comes in response to claims that the company…
CTM360 Discovers Increased Incidence of Phishing Attacks Aimed at Meta Business Users
A new global phishing threat identified as “Meta Mirage” has emerged, specifically targeting organizations that utilize Meta’s Business Suite. This campaign primarily focuses on hijacking high-value accounts associated with…
A new global phishing threat identified as “Meta Mirage” has emerged, specifically targeting organizations that utilize Meta’s Business Suite. This campaign primarily focuses on hijacking high-value accounts associated with…
Microsoft Addresses Booting Challenges on Dual-Boot Windows and Linux Environments
Microsoft has addressed a significant issue that was preventing Linux from booting on dual-boot systems where Secure Boot was enabled, following the installation of the August 2024 Windows security…
Microsoft has addressed a significant issue that was preventing Linux from booting on dual-boot systems where Secure Boot was enabled, following the installation of the August 2024 Windows security…
Android Enterprise Introduces Device Trust for Enhanced Security
A new security solution, Device Trust, has been introduced by Android Enterprise to enhance the security of Android devices. This initiative is particularly timely as organizations navigate the complexities…
A new security solution, Device Trust, has been introduced by Android Enterprise to enhance the security of Android devices. This initiative is particularly timely as organizations navigate the complexities…
Xinbi Telegram Marketplace Linked to $8.4 Billion in Cryptocurrency-Related Criminal Activities, Including Romance Scams and North Korean Money Laundering
A Telegram-based marketplace facilitating illicit transactions, named Xinbi Guarantee, has processed transactions totaling approximately $8.4 billion since its inception in 2022. This establishment has emerged as the second notable…
A Telegram-based marketplace facilitating illicit transactions, named Xinbi Guarantee, has processed transactions totaling approximately $8.4 billion since its inception in 2022. This establishment has emerged as the second notable…