Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the […]
Author: cyberbytes
HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through improper […]
Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth 2.0 Device Code Flow. Security […]
JSFireTruck Obfuscation Helps Cybercriminals Hijack Trusted Sites with Malicious JavaScript
A sophisticated and extensive cyber attack campaign has been uncovered, in which threat actors are compromising legitimate websites to inject highly obfuscated JavaScript code. Dubbed […]
Ungepatchte Lücken ermöglichen Übernahme von GitLab-Konten
Experten warnen vor einem neuen Bug in GitLab. II.studio – shutterstock.com Eine neue Sicherheitslücke in der Ultimate Enterprise Edition von GitLab ist laut einem Experten […]
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring […]
PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability
Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025’s Patch Tuesday. The flaw, scoring 7.8 […]
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in […]
Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected
On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud dependencies. The outages impacted critical […]
How to log and monitor PowerShell activity for suspicious scripts and commands
Consultants are often jacks of all trades, hired by multiple businesses — sometimes simultaneously — to solve problems before moving on to the next engagement. […]