Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the […]
Chrome Use-After-Free Flaw Lets Attackers Execute Arbitrary Code
Google has released a critical security update for Chrome browser users after discovering a dangerous use-after-free vulnerability that could allow cybercriminals to execute malicious code […]
Critical Veeam Backup RCE Flaws Allow Remote Execution of Malicious Code
Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12. These flaws […]
Microsoft IIS Exploit Allows Unauthenticated Attackers to Run Arbitrary Code
A serious security flaw has been discovered in Microsoft’s Internet Information Services (IIS) that lets attackers run arbitrary code without logging in. The vulnerability affects […]
FortiOS CLI Bypass Flaw Lets Attackers Run Arbitrary System Commands
Fortinet has disclosed a security vulnerability affecting its FortiOS operating system that could allow attackers with administrative privileges to execute unauthorized system commands by bypassing […]
TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions
Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency. Operating since early 2025 under multiple publisher accounts (ab-498, 498, […]
FortiPAM & FortiSwitch Manager Flaw Allows Attackers to Bypass Authentication
Fortinet has disclosed a critical security vulnerability affecting FortiPAM and FortiSwitchManager products that could enable attackers to bypass authentication mechanisms through brute-force attacks. The vulnerability, […]
Africa Remains Top Global Target, Even as Attacks Decline
Organizations across the continent saw 10% fewer attacks in September, but Africa remains the most attacked region in the world, leading the Global South. ​The […]
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors—WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites—to distribute malicious Android droppers. Once installed, these droppers […]
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. […]