Do Son
The Squid Project has issued an urgent advisory for CVE-2025-54574 (CVSS 9.3), a heap buffer overflow bug...
cybersecurity
APT36—also known as Transparent Tribe—has long been linked to Pakistan-backed cyber-espionage operations. But as uncovered in a...
In a recently disclosed advisory, HashiCorp has patched a critical vulnerability—CVE-2025-6000—in Vault, its industry-standard secrets management solution....
In an expose, DomainTools has peeled back the curtain on one of the most sophisticated and economically...
The eSentire Threat Response Unit (TRU) exposed a detailed and technically sophisticated ransomware campaign orchestrated by the...
Proofpoint has revealed a persistent wave of adversary-in-the-middle (AiTM) phishing campaigns that exploit Microsoft OAuth applications to...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about a critical vulnerability—CVE-2025-8286—impacting...
The Cloudflare Email Security team has exposed a wave of phishing attacks that abuse link wrapping services—typically...
Cisco Talos has released its latest Threat Intelligence Report for Q2 2025, revealing a threat landscape increasingly...
LockBit isn’t just another ransomware group—it’s an evolving threat that continues to adapt its tactics to evade...
Palo Alto Networks has announced its acquisition of Israeli cybersecurity firm CyberArk for nearly $25 billion, marking...
End-to-end encrypted email provider ProtonMail has recently unveiled Proton Authenticator, a cross-platform multi-factor authentication (MFA) app with...
WithSecure has uncovered a stealthy campaign using legitimate Remote Monitoring and Management (RMM) tools embedded in PDF...
The cybersecurity firm Gen Digital—formerly known as Symantec and Norton—has recently submitted the decryption key and tool...
Enable Security has disclosed critical vulnerabilities in Rtpengine, a popular media relay component used in Voice over...
SUSE has issued a high-severity security advisory for CVE-2025-46811, a critical vulnerability in SUSE Manager that allows...
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...
Sophos analysts have uncovered a newly combined infection technique used by the GOLD BLADE cybercriminal group to...
In a major cybersecurity revelation, Check Point Research (CPR) has disclosed the full scale of a stealthy...
Elastic Security Labs has exposed the inner workings of NOVABLIGHT, a highly modular, NodeJS-based Malware-as-a-Service (MaaS) information...