SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access...
SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface.
Tracked as CVE-2025-40595, the vulnerability carries a CVSS v3 score of...
Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked – Pwn2Own Day 1
The first day of Pwn2Own Berlin 2025 wrapped up with a bang, as hackers showcased 11 exploit attempts, including AI-targeted attacks, and walked away with $260,000 in prizes.
The Pwn2Own competition, known for pushing...
Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users.
Detected between March 5 and March 14, 2025,...
North Korean Hackers Cash Out $300 Million From Record $1.46 Billion ByBit Crypto Heist
Lazarus Group hackers believed to be affiliated with North Korea's regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange.
The cybercriminals, identified as the...
Critical macOS Sandbox Vulnerability (CVE-2024-54498) PoC Exploit Released Online
A proof-of-concept exploit was released for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498.
Security researcher @wh1te4ever recently revealed a proof-of-concept (PoC) exploit showcasing how the flaw allows malicious applications to escape the...
.webp?w=324&resize=324,235&ssl=1 "Hackers Actively Exploited Ivanti VPN 0-Day Vulnerability (CVE-2025-0282): Technical Analysis")
Hackers Actively Exploited Ivanti VPN 0-Day Vulnerability (CVE-2025-0282): Technical Analysis
Ivanti publicly disclosed two critical vulnerabilities CVE-2025-0282 and CVE-2025-0283 affecting its Connect Secure (ICS) VPN appliances.
The announcement comes amidst alarming reports of active zero-day exploitation of CVE-2025-0282, identified by cybersecurity firm Mandiant as...
T-Mobile Sued Over Massive Data Breach Impacting Over 2 Million Users
Washington State Attorney General Bob Ferguson has filed a consumer protection lawsuit against T-Mobile, accusing the telecommunications giant of failing to adequately secure sensitive personal information, which led to a massive data breach affecting...
Mirai Botnet Exploiting Routers 0-Day Vulnerabilities to Launch DDoS Attack
Researchers have uncovered a sophisticated botnet, dubbed "Gayfemboy," which has been exploiting 0-day vulnerabilities in industrial routers.
First identified in February 2024 by cybersecurity experts at XLab, this botnet has demonstrated exceptional resilience and...
Casio Hacked – Attackers Compromised the Server Via Ransomware Attack
Global electronics manufacturer Casio Computers servers had been compromised in a ransomware attack, resulting in a significant data breach.
The cyberattack, which occurred on October 5, 2024, led to the unauthorized access of sensitive...
Nikki-Universal Cyber Attack – Hackers Claim 761.8 GB of Data Stolen
Nikki-Universal Co. Ltd., a prominent chemical manufacturer, has fallen victim to a sophisticated ransomware attack. The incident, which the company confirmed on December 27, 2024, involved the encryption of electronic data on some of...
Recent Posts
Securing Generative AI – Mitigating Data Leakage Risks
Generative artificial intelligence (GenAI) has emerged as a transformative force across industries, enabling content creation, data analysis, and decision-making breakthroughs.
However, its rapid adoption...