Windows 11’s New Compression Formats Pose Security Risks with libarchive
Microsoft introduced a major update to Windows 11 (KB5031455), adding native support for 11 new compression formats, including RAR and 7z.
This update aimed to enhance user convenience by enabling file management directly within File...
Progress LoadMaster Security Vulnerability Lets Attackers Execute Arbitrary System Commands
Progress has disclosed multiple critical security vulnerabilities affecting its LoadMaster product line, including the Multi-Tenant (MT) hypervisor.
These vulnerabilities, identified as CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, and CVE-2024-56135, allow attackers to execute arbitrary system commands or...
Canon Printer Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
Multiple critical security vulnerabilities affect Canon Laser Printers and Small Office Multifunctional Printers.
These vulnerabilities, identified as buffer overflow flaws, could allow attackers to execute arbitrary code remotely or render the devices inoperative through Denial-of-Service...
OPNsense 25.1 Released With Improved Security Zones & FreeBSD 14.2 Plus
OPNsense, the widely recognized open-source firewall and routing platform, celebrates its 10th anniversary with the release of version 25.1, codenamed "Ultimate Unicorn."
This milestone release introduces significant upgrades, including enhanced security zone configurations, a redesigned...
Critical Cacti Vulnerability Lets Attackers Execute Code Remotely – PoC Released
A critical vulnerability has been identified in Cacti, the widely used open-source network monitoring tool. The flaw, tracked as CVE-2025-22604, has a CVSS score of 9.1, indicating high severity.
It allows authenticated users with device management permissions to execute...
EU Sanctioned Three Russian Hackers for Attacking Govt Agencies
The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020.
The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko,...
New Phishing Attack Using Zero-Width Characters to Bypass Security Filters
Cybercriminals are employing sophisticated strategies to bypass email security filters, using HTML entities and zero-width characters to create phishing emails that are undetectable.
This new wave of attacks, dubbed "Shy Z-WASP," combines zero-width joiners and...
WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
A recently discovered security vulnerability dubbed "BreakingWAF" in the configuration of web application firewall (WAF) services has left numerous Fortune 1000 companies vulnerable to cyberattacks, according to Zafran, a leading cybersecurity research team.
The...
Israeli NSO Group’s Pegasus Spyware Detected in New Mobile Devices
Cybersecurity researchers from iVerify have revealed widespread new infections of the Pegasus spyware, developed by NSO Group (dubbed "Rainbow Ronin"), showing that spyware targets not only activists and journalists but also professionals and civilians.
The...
AWS Launched New Security Incident Response Service to Boost Enterprise Security
Amazon Web Services (AWS) unveiled a new service, AWS Security Incident Response, designed to help organizations manage security events efficiently.
As cyber threats become increasingly complex, this service offers a comprehensive solution to prepare...