⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated ...
Tag: software vulnerability
Assessing the Role of AI in Zero Trust
By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely ...
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Jul 21, 2025Ravie LakshmananThreat Intelligence / Authentication Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to ...
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another ...
Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
Jul 21, 2025Ravie LakshmananNetwork Security / Vulnerability Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw ...
3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics
Jul 21, 2025Ravie LakshmananWeb Security / Cryptocurrency A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript ...
EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware
Jul 20, 2025Ravie LakshmananAI Security / Infostealers The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) ...
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
Jul 20, 2025Ravie LakshmananZero-Day / Vulnerability A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of ...
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Jul 20, 2025Ravie LakshmananDevOps / Threat Intelligence Cybersecurity researchers have alerted to a supply chain attack that has targeted popular ...
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
Jul 20, 2025Ravie LakshmananVulnerability / Threat Intelligence A newly disclosed critical security flaw in CrushFTP has come under active exploitation ...
Trending.
