SIEM as a Service

Cyber Security News

Cyber threats evolve every day, making it crucial to stay informed. Our cybersecurity news blog delivers the latest updates on data breaches, ransomware attacks, and industry trends. From global incidents to niche threats, we cover it all, ensuring you stay ahead of cybercriminals.

Discover breaking news on ransomware, phishing attacks, and emerging vulnerabilities. We also provide expert analysis to help businesses and individuals understand the implications of these threats.

North Korean IT Workers Demands Ransomware By Stealing Companies Source Codes 

North Korean IT workers masquerading as remote workers have been breaking into Western companies, stealing confidential source codes, and requesting ransoms to prevent their release. This emerging threat, flagged by the Federal Bureau of Investigation...
Bypassing EDR Detection

Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level

Adversaries continue to innovate methods to bypass Endpoint Detection and Response (EDR) systems. An exceptionally sophisticated approach involves leveraging hardware breakpoints at the CPU level to evade detection mechanisms such as Event Tracing for...
phpMyAdmin Triggers XSS Attacks

phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables

A moderate-severity Cross-Site Scripting (XSS) vulnerability has been identified in phpMyAdmin, a widely used open-source tool for managing MySQL databases.  This flaw, tracked as CVE-2025-24530, affects versions 5.x prior to 5.2.2 and is linked to...
Ransomware Attacking VMware ESXi Hosts

New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling

New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate activity. This stealth tactic allows attackers to access critical virtual machine environments without triggering many...
Outlook Zero-Click RCE Vulnerability

PoC Exploit Released For Critical Microsoft Outlook (CVE-2025-21298) Zero-Click RCE Vulnerability

A new proof-of-concept (PoC) has been released for Microsoft Outlook zero-click remote code execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE), identified as CVE-2025-21298. The PoC demonstrates memory corruption, shedding light on the...
Subaru Car Vulnerability

Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink

A critical vulnerability in Subaru's STARLINK connected vehicle service was discovered late last year, exposing millions of vehicles and customer accounts across the United States, Canada, and Japan to potential cyberattacks. Subaru is known...
Palo Alto Firewall Vulnerabilities

Critical Palo Alto Firewall Vulnerabilities Let Hackers Bypass Secure Boot & Exploit Firmware

A recent cybersecurity report has identified critical vulnerabilities in Palo Alto Networks firewall devices that could enable attackers to bypass Secure Boot protections, exploit firmware-level flaws, and obtain elevated privileges, allowing them to maintain...
Fake Microsoft Teams Page

Fake Microsoft Teams Page Drops Malware On Windows By Exploiting Bing Ads

Unit 42 researchers Bradley Duncan and Zach Diehl uncovered a malicious campaign exploiting Bing search advertisements to deliver malware through deceptive websites impersonating legitimate software pages. This alarming discovery highlights the growing trend of...

Tycoon 2FA Phishing Kit Using Specially Crafted Code To Evade Detection

The cybersecurity landscape faces a growing threat with the emergence of the Tycoon 2FA phishing kit, a sophisticated Phishing-as-a-Service (PhaaS) platform designed to bypass MFA and evade detection. First identified in August 2023, Tycoon 2FA...
GhostGPT Jailbreak Version of ChatGPT

GhostGPT – New AI Black Hat Tool Used by Hackers to Generative Malware &...

The development of generative AI offered both opportunities for beneficial productivity transformation and opportunities for malicious exploitation.  GhostGPT, an uncensored AI chatbot created specifically for cybercrime, is the most recent threat in this domain. GhostGPT, which...
SIEM as a Service

Recent Posts

VAPT Tools

10 Best Vulnerability Assessment and Penetration Testing (VAPT) Tools in 2025

Vulnerability Assessment and Penetration Testing (VAPT) tools are an integral part of any cybersecurity toolkit, playing a critical role in identifying, analyzing, and remediating...