Tenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud […]
Category: Cyber Security News
CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025
The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most […]
Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and Academics
Iranian state-backed Advanced Persistent Threat (APT) groups and their hacktivist allies have stepped up operations that could spark worldwide cyber retaliation in the wake of […]
Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. […]
Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts
Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation […]
PyPI Blocks Inbox.ru Domains After 1,500+ Fake Package Uploads
The Python Package Index (PyPI) has implemented an administrative block on the inbox.ru email domain, prohibiting its use for new user registrations and as additional […]
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. “Targets of these campaigns ranged from organizations […]
Critical SharePoint RCE Vulnerability Exploited via Malicious XML in Web Part
A severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content embedded […]
Hackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC Disclosure
Cybersecurity researchers have discovered that threat actors began exploiting the critical CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released, highlighting the […]
Cisco Unified Intelligence Center Flaw Lets Remote Attackers Upload Arbitrary Files
A critical security vulnerability has been discovered in Cisco’s Unified Intelligence Center that allows authenticated remote attackers to upload arbitrary files to affected systems, potentially […]