Trending Now
Cyber Security News
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers can exploit lesser-known billing...
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development platform within Google’s ecosystem...
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as "Dadsec."
Since...
Beware: Weaponized AI Tool Installers Infect Devices with Ransomware
Cisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers, targeting unsuspecting users and businesses across multiple industries.
These...
Pure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security Features
Pure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for threat actors targeting Windows-based systems in a thorough technical...
%20(1).webp?w=218&resize=218,150&ssl=1 "Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges")
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges
A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID that could allow external...
Microsoft Reveals Techniques for Defending Against Evolving AiTM Attacks
Microsoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone of modern cyber threats.
As...
Recent News
Threat Actors Exploit Nifty[.]com Infrastructure in Sophisticated Phishing Attack
Threat actors have orchestrated a multi-wave phishing campaign between April and May 2025, leveraging the legitimate infrastructure of Niftycom, a prominent Japanese Internet Service...
Earth Lamia Hackers Exploits Vulnerabilities in Web Applications to Attack Multiple Industries
Cybersecurity researchers at Trend Research have uncovered the aggressive operations of Earth Lamia, an Advanced Persistent Threat (APT) group with a China-nexus, targeting organizations...
%20(1)%20(1).webp?w=150&resize=150,150&ssl=1 "SentinelOne Recovers: Platform Back Online After Extended Outage")
SentinelOne Recovers: Platform Back Online After Extended Outage
On May 29, 2025, SentinelOne, a leading cybersecurity provider, experienced a significant platform outage that disrupted access to its commercial customer consoles worldwide.
The...
Novel Malware Evades Detection by Skipping PE Header in Windows
Researchers have identified a sophisticated new strain of malware that bypasses traditional detection mechanisms by entirely omitting the Portable Executable (PE) header in Windows...
Beware: Weaponized AI Tool Installers Infect Devices with Ransomware
Cisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers, targeting unsuspecting users and businesses across multiple industries.
These...
%20(1).webp?w=150&resize=150,150&ssl=1 "Safari Flaw Exploited by BitM Attack to Steal User Login Data")
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth.
Unlike...
%20(1).webp?w=150&resize=150,150&ssl=1 "Victoria’s Secret Website Taken Offline After Cybersecurity Breach")
Victoria’s Secret Website Taken Offline After Cybersecurity Breach
Victoria’s Secret, the iconic lingerie retailer, has taken its US website offline and suspended some in-store services following a major cybersecurity incident.
Customers attempting...
%20(1).webp?w=150&resize=150,150&ssl=1 "Multiple Vulnerabilities in Hardy Barth EV Station Allow Unauthenticated Network Access")
Multiple Vulnerabilities in Hardy Barth EV Station Allow Unauthenticated Network Access
Critical security flaws have been identified in the eCharge Hardy Barth cPH2 and cPP2 charging stations, specifically affecting firmware version 2.2.0.
These vulnerabilities, discovered...
.webp?w=150&resize=150,150&ssl=1 "Severe WSO2 SOAP Flaw Allows Unauthorized Password Resets for Any Use")
Severe WSO2 SOAP Flaw Allows Unauthorized Password Resets for Any Use
A newly disclosed vulnerability, CVE-2024-6914, has shocked the enterprise software community, affecting a wide range of WSO2 products.
The flaw, rated with a CVSS...
Most Popular
More
- Acquisition
- Adobe
- Adware
- AI
- Amazon
- Amazon AWS
- AMD
- Android
- Anti Virus
- Antimalware
- Antispoofing
- ANY RUN
- Apache
- API
- Apple
- APT
- Artificial Intelligence
- Avast
- AWS
- Azure
- Backdoor
- Bitcoin
- Bluetooth
- Botnet
- Browser
- Buffer over flow
- Bug Bounty
- Business
- Chatbots
- ChatGPT
- Checklist
- Chrome
- Cisco
- CISO
- CISO Advisory
- Cloud
- Cloud Security
- Cloudflare
- Computer Security
- Course
- CPU
- Cross site Scripting
- cryptocurrency
- Cryptocurrency hack
- CVE/vulnerability
- Cyber Advisory
- Cyber AI
- Cyber Attack
- Cyber Crime
- cyber security
- Cyber security Course
- Cyber Security News
- Cyber Security Resources
- Dark Web
- Data Breach
- Data Governance
- DDOS
- Deals
- DeepSeek
- DNS
- Dos Attack
- Drive
- Dropbox
- Education
- Email Security
- Exploit
- Exploitation Tools
- Extratorrents
- Featured
- Firefox
- Firefox News
- Firewall
- Forensics Tools
- game
- GitHub
- Gmail
- Google dorks
- Governance
- GRC
- Hacking Books
- Hacks
- Hardware Hacking
- HBO
- HTML
- HTTP
- IIS
- Incident Response
- Information Gathering
- Information Security Risks
- Infosec- Resources
- Insider Threats
- Intel
- Internet
- iOS
- IoT
- ISO
- IT