Securing Active Directory (AD) is a critical priority for organizations. Misconfigurations in AD, such as excessive permissions, outdated protocols, or unprotected service accounts, are common […]
_Wirestock_Inc._Alamy.jpg)
CISA Cuts: A Dangerous Gamble in a Dangerous World
The Cybersecurity and Infrastructure Security Agency’s role in risk management needs to expand, not shrink. ​The original article found on darkreading Read More
Two Hackers Arrested For ATM Jackpotting by Deploying Malware
Federal prosecutors unsealed criminal complaints today against David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, members of the Tren de Aragua Gang, for […]
Misconfigured Apache Airflow Servers Exposes Login Credentials to Hackers
A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable […]
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing […]
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on […]
US charges 12 Chinese hackers in major government-backed espionage campaign
US authorities have announced criminal charges against 12 Chinese nationals allegedly involved in a long-running cyber-espionage campaign tied to China’s government. The Justice Department (DOJ) […]
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks of account takeover and configuration […]
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in […]
Google Announces AI-Powered Scam Detector For Android Users
In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls. The […]