Year: 2025

In a sophisticated cyber espionage campaign, North Korean state-sponsored hackers have been targeting European defense companies, particularly those involved in unmanned aerial vehicle (UAV) technology. […]

Cybercriminals often exploit the path of least resistance, targeting users through deceptive tactics, outdated software components, and trusted systems like OAuth and package registries. This […]

In recent developments, cybercriminals and state-sponsored entities have refined their tactics to exploit OAuth applications, securing enduring access to compromised cloud environments. This method allows […]

On October 22, 2025, the Internet Systems Consortium (ISC) disclosed three high-severity vulnerabilities in BIND 9, the widely used Domain Name System (DNS) software. These […]

Oracle has recently disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control over the VirtualBox environment. […]

A significant security flaw, known as TARmageddon and designated as CVE-2025-62518, has been identified in the Rust programming language’s async-tar library and its derivatives, notably […]

The Impacket toolkit, a cornerstone in penetration testing, has undergone a significant upgrade within the Kali Linux repository. Managed by Fortra’s cybersecurity team, this latest […]

Atlassian has recently identified a significant security flaw in its Jira Software Data Center and Server platforms. This vulnerability, cataloged as CVE-2025-22167, is a path […]

A critical security flaw has been identified in Motex LANSCOPE Endpoint Manager, a widely used tool for managing IT assets across networks. This vulnerability, designated […]

A critical security flaw, identified as CVE-2025-54236 and dubbed SessionReaper, has been discovered in Adobe’s Magento e-commerce platform. This vulnerability allows unauthenticated attackers to hijack […]