SIEM as a Service
Home Cyber News

Cyber News

Explore the cutting edge of cybersecurity with our Cyber News category. We cover breaking updates on cyber threats, data breaches, ransomware attacks, and the latest tech innovations in security.

Our expert-driven content provides in-depth analyses of incidents, trends, and solutions to help individuals and businesses stay protected in an ever-evolving digital landscape.

From global hacking campaigns to critical vulnerabilities, we ensure you never miss the important stories shaping the world of cybersecurity. Subscribe to our Cyber News Alerts for real-time updates and weekly recaps. Stay informed, secure, and one step ahead of cyber threats.

CISA SonicWall 0-day RCE

CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability, CVE-2025-23006, affecting SonicWall’s Secure Mobile Access (SMA) 1000 series appliances. This vulnerability, actively exploited in the wild, poses...
Bypassing EDR Detection

Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level

Adversaries continue to innovate methods to bypass Endpoint Detection and Response (EDR) systems. An exceptionally sophisticated approach involves leveraging hardware breakpoints at the CPU level to evade detection mechanisms such as Event Tracing for...
Ransomware Attacking VMware ESXi Hosts

New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling

New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate activity. This stealth tactic allows attackers to access critical virtual machine environments without triggering many...
Outlook Zero-Click RCE Vulnerability

PoC Exploit Released For Critical Microsoft Outlook (CVE-2025-21298) Zero-Click RCE Vulnerability

A new proof-of-concept (PoC) has been released for Microsoft Outlook zero-click remote code execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE), identified as CVE-2025-21298. The PoC demonstrates memory corruption, shedding light on the...
GhostGPT Jailbreak Version of ChatGPT

GhostGPT – New AI Black Hat Tool Used by Hackers to Generative Malware &...

The development of generative AI offered both opportunities for beneficial productivity transformation and opportunities for malicious exploitation.  GhostGPT, an uncensored AI chatbot created specifically for cybercrime, is the most recent threat in this domain. GhostGPT, which...
VPN Service Provider Hacker Supply-Chain Attack

China Hackers Compromised VPN Service Provider in Supply-Chain Attack

A sophisticated supply-chain attack targeting a South Korean VPN provider. The attack has been attributed to a previously undisclosed China-aligned Advanced Persistent Threat (APT) group, now named PlushDaemon. The operation, discovered in May 2024, involved...
Record-breaking 5.6 Tbps DDoS Attack

Record-breaking 5.6 Tbps DDoS Attack From 13,000 Mirai Hacked Devices

Cloudflare recently thwarted the largest distributed denial-of-service (DDoS) attack ever recorded, peaking at an unprecedented 5.6 terabits per second (Tbps). The attack, which occurred on October 29, 2024, targeted an Internet Service Provider (ISP)...

50,000 Fortinet Firewalls Remain Vulnerable to Critical Zero-Day Exploit

As of January 22, 2025, nearly 50,000 Fortinet firewall devices remain exposed to a critical zero-day vulnerability (CVE-2024-55591) despite urgent warnings and available patches. The flaw, which has been actively exploited since November 2024, allows...
OWASP Top 10 2025 Smart Contract

OWASP Top 10 2025 – Most Critical Weaknesses Exploited/Discovered

The Open Web Application Security Project (OWASP) has released its much-anticipated Smart Contract Top 10 for 2025, a comprehensive awareness document aimed at equipping Web3 developers and security teams with the knowledge to combat...
Let's EncryLet's Encrypt 6-day Certificatespt 6-day Certificates

Let’s Encrypt Announces 6-day Validity Certificates

Let’s Encrypt, the non-profit certificate authority, has introduced six-day validity certificates, commonly referred to as short-lived certificates. This new offering, set to roll out in stages throughout 2025, represents a major shift in how digital...
SIEM as a Service

Recent Posts