Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, […]
Author: cyberbytes
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team
Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report […]
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in […]
Microsoft Alerts on AD CS Flaw Enabling Remote Denial-of-Service Attacks
Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow authenticated […]
Weaponized PyPI Package Targets Developers to Steal Source Code
Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on developers working with the Solana […]
ENISA Launches European Vulnerability Database to Bolster EU Cyber Resilience
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), a strategic move designed to enhance digital security across the bloc […]
Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild
Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild. Released […]
Researchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
A group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a ground-breaking research paper titled “Mastering […]
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
EclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat […]
Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked as CVE-2025-32709. This use-after-free flaw […]