A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full […]
Category: Cyber Security News
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of […]
Researchers Weaponize and Obfuscate .NET Assemblies Using MacroPack
Researchers at BallisKit have introduced a sophisticated scenario within their MacroPack Pro tool to obfuscate and weaponize .NET assemblies, significantly enhancing their stealth against modern […]
_Brain_light_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
How Geopolitical Tensions Are Shaping Cyber Warfare
In today’s cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day. The original article found on darkreading Read […]
AMI MegaRAC authentication bypass flaw is being exploitated, CISA warns
A critical authentication bypass by spoofing vulnerability in AMI MegaRAC SPx server management firmware is now being actively exploited by attackers, creating urgent pressure for […]
Threat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBs
Threat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated […]
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an […]
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the […]
Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Commands
Cisco has issued urgent security patches addressing two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms. These flaws, […]
WhatsApp to Introduce AI-Powered Message Summaries for Faster Catch-Up
WhatsApp has announced the upcoming launch of “Message Summaries”—an AI-powered feature designed to help users quickly catch up on unread messages. Powered by Meta AI, […]