.webp)
Security researchers at SEC Consult have discovered a significant vulnerability in CrowdStrike’s Falcon Sensor that allowed attackers to bypass detection mechanisms and execute malicious applications. […]
Category: Cyber Security News
Sitecore 0-Day Vulnerability Let Attackers Execute Remote Code
A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems. The flaw, rooted in insecure […]
Misconfigured Apache Airflow Servers Exposes Login Credentials to Hackers
A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable […]
Two Hackers Arrested For ATM Jackpotting by Deploying Malware
Federal prosecutors unsealed criminal complaints today against David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, members of the Tren de Aragua Gang, for […]
Google Announces AI-Powered Scam Detector For Android Users
In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls. The […]
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in […]
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks of account takeover and configuration […]
US charges 12 Chinese hackers in major government-backed espionage campaign
US authorities have announced criminal charges against 12 Chinese nationals allegedly involved in a long-running cyber-espionage campaign tied to China’s government. The Justice Department (DOJ) […]
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on […]
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing […]