Apple has recently issued a critical security advisory concerning three zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that have been actively exploited in sophisticated attacks. These vulnerabilities affect […]
Month: April 2025
Microsoft Identifies Critical Vulnerabilities in GRUB2, U-Boot, and Barebox Bootloaders
Microsoft’s security team has recently uncovered multiple critical vulnerabilities in widely used bootloaders, including GRUB2, U-Boot, and Barebox. These flaws pose significant risks, potentially allowing […]
Check Point Confirms Data Breach, Downplays Impact Amid Expert Scrutiny
On March 30, 2025, the threat actor known as CoreInjection claimed responsibility for a data breach involving Check Point Software Technologies. The following day, Check […]
HijackLoader’s Evolution: Advanced Evasion Techniques and Modular Enhancements
HijackLoader, also known as IDAT Loader and GHOSTPULSE, is a sophisticated malware loader first identified in 2023. It has recently undergone significant enhancements, incorporating advanced […]
Samsung Germany Data Breach Exposes 270,000 Customer Support Records
In March 2025, Samsung Germany experienced a significant data breach when a threat actor known as GHNA released 270,000 customer support tickets on hacking forums. […]
Critical Vulnerability in Rockwell Automation’s Verve Asset Manager Allows Unauthorized Command Execution
A significant security flaw has been identified in Rockwell Automation’s Verve Asset Manager, specifically affecting versions 1.39 and earlier. This vulnerability, designated as CVE-2025-1449, carries […]
Russian Hackers Exploit CVE-2025-26633 to Deploy SilentPrism and DarkWisp Backdoors
In March 2025, cybersecurity researchers identified a sophisticated cyberattack campaign orchestrated by a Russian hacking group known as Water Gamayun, also referred to as EncryptHub […]
Coordinated Login Scans Target PAN-OS GlobalProtect Gateways
In mid-March 2025, cybersecurity researchers identified a significant surge in login scanning activities targeting Palo Alto Networks’ PAN-OS GlobalProtect gateways. This coordinated effort involved nearly […]
Apple Releases Security Updates to Address Actively Exploited Vulnerabilities in Older iOS and macOS Devices
On April 1, 2025, Apple issued critical security updates targeting older iOS and macOS devices to address three vulnerabilities that have been actively exploited. These […]
Lucid PhaaS Exploits iMessage and RCS to Target 169 Entities Across 88 Countries
A sophisticated phishing-as-a-service (PhaaS) platform named Lucid has emerged, targeting 169 organizations across 88 countries through smishing attacks delivered via Apple iMessage and Rich Communication […]