Day: October 24, 2025

On October 23, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical security vulnerability affecting Motex Lanscope Endpoint Manager to its Known […]

In a significant cybersecurity incident, over 250 Magento-based e-commerce stores have been compromised within a 24-hour period. This surge in attacks is attributed to the […]

Cybersecurity experts have recently uncovered a cybercriminal organization known as ‘Jingle Thief,’ which has been actively infiltrating cloud infrastructures of companies in the retail and […]

In the rapidly evolving digital landscape, organizations are increasingly moving away from static secrets—such as API keys, passwords, and tokens—in favor of managed identities. This […]

In a sophisticated cyber espionage campaign, North Korean state-sponsored hackers have been targeting European defense companies, particularly those involved in unmanned aerial vehicle (UAV) technology. […]

Cybercriminals often exploit the path of least resistance, targeting users through deceptive tactics, outdated software components, and trusted systems like OAuth and package registries. This […]

In recent developments, cybercriminals and state-sponsored entities have refined their tactics to exploit OAuth applications, securing enduring access to compromised cloud environments. This method allows […]

On October 22, 2025, the Internet Systems Consortium (ISC) disclosed three high-severity vulnerabilities in BIND 9, the widely used Domain Name System (DNS) software. These […]

Oracle has recently disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control over the VirtualBox environment. […]

A significant security flaw, known as TARmageddon and designated as CVE-2025-62518, has been identified in the Rust programming language’s async-tar library and its derivatives, notably […]