Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
Mar 26, 2025Ravie LakshmananBrowser Security / Vulnerability Google has released out-of-band fixes…
CrushFTP warns users to patch unauthenticated access flaw immediately
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged…
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Mar 24, 2025Ravie LakshmananVulnerability / Cloud Security A set of five critical…
Critical flaw in Next.js lets hackers bypass authorization
A critical severity vulnerability has been discovered in the Next.js open-source web…
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Mar 21, 2025Ravie LakshmananMalware / Cyber Attack Two known threat activity clusters…
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a…
10 Critical Network Pentest Findings IT Teams Overlook
Mar 21, 2025The Hacker NewsNetwork Security / Vulnerability After conducting over 10,000…
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Mar 21, 2025Ravie LakshmananRansomware / BYOVD The threat actors behind the Medusa…
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a…