Threat actors have increasingly adopted ClickFix, a sophisticated social engineering technique that deceives users into executing malicious commands under the guise of resolving common computer […]
Category: Cyber Security News
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of […]
Pay2Key Ransomware Gang Resurfaces With Incentives to Attack US, Israel
The ransomware-as-a-service (RaaS) operation, which has been tied to an Iranian advanced persistent threat (APT) group, recently boosted its affiliate profit share to 80% for […]
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called “PerfektBlue.” […]
SLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection Systems
Security researchers have uncovered a sophisticated evolution in the SLOW#TEMPEST malware campaign, where threat actors are deploying innovative obfuscation methods to evade detection and complicate […]
Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities
The Qilin group has surged to prominence by aggressively exploiting critical vulnerabilities in Fortinet devices, underscoring a broader trend of sophisticated cyber extortion tactics targeting […]
Arkana Ransomware Gang Claims Theft of 2.2 Million Customer Records
The Arkana ransomware group burst onto the cybercrime scene with a high-profile attack on WideOpenWest (WOW!), a prominent U.S. internet service provider, in late March. […]
As Cyber-Insurance Premiums Drop, Coverage Is Key to Resilience
Cyber-insurance premiums continue to decline from their explosive growth from 2020 to 2022, but coverage is more important than ever to manage risks, experts say. […]
Mis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS Environment
Security professionals have uncovered serious vulnerabilities in AWS Organizations in a ground-breaking study by Cymulate Research Labs that might allow attackers to switch between accounts, […]
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. […]