Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network […]
Category: Cyber Security News
Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to […]
Fortinet FortiWeb Zero-Day Exploited to Gain Full Admin Access
A critical zero-day vulnerability in Fortinet FortiWeb has been actively exploited in the wild, allowing attackers to gain complete administrator access without any prior authentication. […]
Agentic AI opens door to new ID challenges: Report
New research released Thursday by Rubrik Zero Labs finds that the AI wave, and in particular agentic AI, has created a “troubling gap between the […]
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data […]
Kerberoasting in 2025: How to protect your service accounts
Kerberoasting attacks let hackers steal service account passwords and escalate to domain admin, often without triggering alerts. Specops Software shares how auditing AD passwords, enforcing […]
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. […] ​The original article found […]
New ‘IndonesianFoods’ worm floods npm with 100,000 packages
A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk. […] ​The original article […]
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited […]
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data
A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per […]