For decades, vulnerability management operated within a comfortable buffer: the months between identifying a vulnerability and its potential exploitation. This allowed security teams to assess, […]
Category: Cybersecurity News
Stay informed about the ever-evolving world of digital threats and defenses with our Cyber Security News category. Here, you’ll find the latest breaking news, in-depth analysis, and expert insights on everything related to cybersecurity. From data breaches and ransomware attacks to emerging threats and innovative security solutions, we cover the critical issues impacting individuals, businesses, and governments worldwide. Keep up-to-date on the latest vulnerabilities, best practices, and trends shaping the future of online security.
Hackers Exploit VMware Binary to Deploy NIGHTFORGE Loader
Cybersecurity researchers have uncovered a sophisticated espionage campaign targeting Cambodian government institutions. Attackers are leveraging a legitimate, VMware-signed binary to deploy a custom loader named […]
GreatXML Exploit Bypasses BitLocker via Windows Defender Offline Scan
A newly disclosed zero-day vulnerability, termed GreatXML, allows attackers with physical access to bypass BitLocker encryption on Windows systems by exploiting the Windows Defender Offline […]
Critical Vulnerabilities in Splunk Enterprise Allow Remote Exploits
Splunk has disclosed multiple vulnerabilities in its Enterprise platform, some of which are critical and could allow remote attackers to execute malicious scripts, exfiltrate sensitive […]
Hackers Exploit AWS and Google Cloud Logging to Evade Detection
Cyber attackers are increasingly targeting cloud logging services like AWS CloudTrail and Google Cloud Logging to conceal their activities and exfiltrate sensitive data. These services, […]
OceanLotus Targets Vietnamese Investors with SPECTRALVIPER Malware
The Vietnam-aligned cyber espionage group known as OceanLotus has been linked to two distinct campaigns targeting domestic entities and stock investors, deploying a backdoor named […]
China-Linked JDY Botnet Expands, Targets SOHO and IoT Devices
A China-linked botnet known as JDY has significantly expanded its reach, now controlling over 1,500 small office/home office (SOHO) and Internet of Things (IoT) devices […]
GitHub to Disable npm Install Scripts by Default in Version 12
GitHub has announced significant changes in the upcoming npm version 12, scheduled for release next month, aimed at enhancing software supply chain security. A key […]
Ivanti EPMM Vulnerability Allows Remote Code Execution
A critical vulnerability, identified as CVE-2026-6973, has been discovered in Ivanti Endpoint Manager Mobile (EPMM), potentially allowing authenticated attackers to execute remote code by injecting […]
ServiceNow Confirms Vulnerability Allowing Unauthorized Data Access
ServiceNow has acknowledged a security vulnerability that permitted unauthorized actors to query customer instance tables, potentially exposing sensitive data across enterprise environments. The flaw involved […]