Cyber Security News
Google Launches Open-Source OSV-Scanner for Detecting Security Vulnerabilities
Google has announced the launch of OSV-Scanner V2, an open-source tool designed to enhance vulnerability scanning and remediation across various software ecosystems.This update follows the recent release of OSV-SCALIBR, another powerful...
CVE/vulnerability
New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild
A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat...
CVE/vulnerability
Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access
Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products.This...
CVE/vulnerability
Security Researchers Discover Critical RCE Vulnerability, Earned $40,000 Bounty
Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution (RCE).Their discovery earned...
Cyber Security News
New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware
Botnets are the networks of compromised devices that have evolved significantly since the internet's inception. Threat actors exploit vulnerabilities to control these devices remotely...
Botnet
New Botnet Exploiting D-Link Routers To Gain Control Remotely
Researchers observed a recent surge in activity from the "FICORA" and "CAPSAICIN," both variants of Mirai and Kaiten, respectively, which exploit known vulnerabilities in...
Bug Bounty
McDonald’s Delivery App Bug Let Customers Orders For Just $0.01
McDonald's India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald's food for delivery, dine-in, and...
cyber security
Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access
A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using the online persona "CyberAv3ngers." These...
Cyber Security News
Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace
Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability of the platform to supply chain attacks similar to...
Cyber Security News
Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released
A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has been released, shedding light...
Cyber Security News
New AI Tool To Discover 0-Days At Large Scale With A Click Of A Button
Vulnhuntr, a static code analyzer using large language models (LLMs), discovered over a dozen zero-day vulnerabilities in popular open-source AI projects on Github (over...