The heat is back on Wireless LAN Controllers (WLCs) running Cisco IOS XE after technical details of a recently disclosed max-severity exploit were made public. […]
Category: Cyber Security News
New Safari XSS Vulnerability Exploits JavaScript Error Handling to Run Arbitrary Code
Cross-site scripting (XSS) remains one of the most persistent threats in web security, but most discussions focus on traditional vectors. A lesser-known but intriguing avenue […]
New Report: Governments Struggle to Regain Backdoor Access to Secure Communications
A crucial point has been reached in the conflict between personal privacy and governmental monitoring in a time when digital communication is essential. Governments worldwide […]
Hackers Abuse AI Tool Misconfigurations to Execute Malicious AI-Generated Payloads
A malicious threat actor has exploited a misconfigured instance of Open WebUI, a widely-used self-hosted AI interface with over 95,000 stars on GitHub, designed to […]
New Research Uncovers Strengths and Vulnerabilities in Cloud-Based LLM Guardrails
Cybersecurity researchers have shed light on the intricate balance of strengths and vulnerabilities inherent in cloud-based Large Language Model (LLM) guardrails. These safety mechanisms, designed […]
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling […]
Beware: Fake Booking.com Sites Spread AsyncRAT Malware to Infect Devices
Cybercriminals have launched a devious campaign targeting users of gaming sites, social media platforms, and even sponsored ads by redirecting links to counterfeit Booking.com websites. […]
Threat Actors Exploit DevOps Web Server Misconfigurations to Deploy Malware
Threat actors have increasingly turned their attention to exploiting misconfigurations in DevOps-managed web servers to deploy malicious payloads. Recent investigations into web server vulnerabilities reveal […]
Splunk Universal Forwarder for Windows Flaw Grants Non-Admin Users Full Content Access
A critical security advisory (SVD-2025-0602) has been issued for Splunk Universal Forwarder for Windows, addressing a high-severity vulnerability (CVE-2025-20298) that exposes Windows systems to potential […]
The high cost of misconfigured DevOps: Global cryptojacking hits enterprises
A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz […]