Kayal
CVE/vulnerability
Zero-Click Outlook RCE Vulnerability (CVE-2025-21298), PoC Released
Microsoft issued a critical patch to address CVE-2025-21298, a zero-click Remote Code Execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE).This flaw exploits...
Cyber Attack
Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks
A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper caching mechanisms can lead...
Browser
New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies
The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing by web servers.This technique allows attackers to manipulate HTTP...
ChatGPT
GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits
Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side.Cybercriminals are increasingly exploiting AI...
Cyber Security News
Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection
The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly sophisticated phishing campaigns.One such advanced PhaaS...
Ransomware
Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques
CYFIRMA's Research and Advisory team has identified a new strain of ransomware labeled "Nnice," following the continuous monitoring of underground forums as part of...
cyber security
Microsoft Unveils New Identity Secure Score Recommendations in General Availability
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable...
Microsoft
Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls
Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365 to target organizations.Identified as...
Join our community of SUBSCRIBERS and be part of the conversation.
To subscribe, simply enter your email address on our website or click the subscribe button below. Don't worry, we respect your privacy and won't spam your inbox. Your information is safe with us.