Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting (XSS) and server-side request forgery (SSRF) attacks. These vulnerabilities, often overlooked in web […]
Author: cyberbytes
Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a surge in malicious activity tied to the Luna Moth hacking […]
Apache Parquet Java Vulnerability Enables Remote Code Execution
A high-severity vulnerability (CVE-2025-46762) has been discovered in Apache Parquet Java, exposing systems using the parquet-avro module to remote code execution (RCE) attacks. The flaw, […]
Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis
A researcher has unveiled a novel integration between AI-powered Copilot and Microsoft’s WinDbg, dramatically simplifying Windows crash dump analysis. For decades, debugging Windows crash dumps […]
SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control
Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the “SonicBoom Attack Chain,” which allows hackers to bypass authentication and seize administrative control over […]
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune […]
CISO vs CFO: why are the conversations difficult?
When CISOs walk into budget meetings they often ask for money to prevent abstract disasters: events that haven’t happened and hopefully never will. Unlike other […]
12 most innovative launches at RSA 2025
The RSA 2025 conference didn’t just belong to the usual suspects. This year, a new wave of security innovators – some making their debut at […]
NCSC Warns of Ransomware Attacks Targeting UK Organisations
National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber attacks targeting UK retailers. These incidents have prompted concerns about the […]
Claude AI Abused in Influence-as-a-Service Operations and Campaigns
Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of adversarial operations, most notably a financially motivated “influence-as-a-service” campaign. This […]