cybersecurity

CISA Warns of Critical Unauthenticated Access Vulnerability in Instantel Micromate Devices

• Vulnerability Report

CISA Warns of Critical Unauthenticated Access Vulnerability in Instantel Micromate Devices

Ddos June 3, 2025 0

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning users of a critical...

Read More Read more about CISA Warns of Critical Unauthenticated Access Vulnerability in Instantel Micromate Devices

Lyrix Ransomware: New Threat Emerges with Advanced Evasion Tactics

• Malware

Lyrix Ransomware: New Threat Emerges with Advanced Evasion Tactics

Ddos June 3, 2025 0

A new ransomware strain dubbed Lyrix has been discovered by CYFIRMA’s research team while monitoring underground cybercriminal...

Read More Read more about Lyrix Ransomware: New Threat Emerges with Advanced Evasion Tactics

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

• Vulnerability

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Ddos June 2, 2025 0

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

Read More Read more about Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now!

• Vulnerability

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now!

Ddos June 2, 2025 0

Axis Communications has issued critical and high-severity patches addressing three recently disclosed vulnerabilities in AXIS OS, the...

Read More Read more about Critical Security Flaws Found in AXIS OS: Patch Your Devices Now!

CVE-2025-4010: ONEKEY Uncovers Critical Remote Code Execution Flaw in Netcomm/Lantronix 4G Gateways

• Vulnerability Report

CVE-2025-4010: ONEKEY Uncovers Critical Remote Code Execution Flaw in Netcomm/Lantronix 4G Gateways

Ddos June 2, 2025 0

A newly disclosed vulnerability affecting Netcomm Wireless devices—now under Lantronix ownership—has been assigned CVE-2025-4010, and it poses...

Read More Read more about CVE-2025-4010: ONEKEY Uncovers Critical Remote Code Execution Flaw in Netcomm/Lantronix 4G Gateways

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

• Cybercriminals

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

Ddos June 2, 2025 0

The U.S. Department of Justice has announced the seizure of four domains and an associated server operated...

Read More Read more about Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

• Vulnerability Report

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Ddos June 2, 2025 0

MediaTek, a leading global chipset manufacturer, has published its June 2025 Product Security Bulletin, disclosing one high-severity...

Read More Read more about MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

• Vulnerability Report

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

Ddos June 2, 2025 0

Roundcube Webmail, a widely-used browser-based IMAP client, has patched a critical security vulnerability, tracked as CVE-2025-49113 (CVSS...

Read More Read more about Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

• Vulnerability

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

Ddos June 2, 2025 0

Esri has issued a critical security patch for its widely used Portal for ArcGIS software, addressing a...

Read More Read more about Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

• Vulnerability

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

Ddos June 2, 2025 0

A newly disclosed vulnerability in the Fabio load balancer, tracked as CVE-2025-48865, allows malicious clients to manipulate...

Read More Read more about Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

Aviation Industry Alert: 50,000+ Azure AD Records Exposed via Misconfigured API

• Data Leak

Aviation Industry Alert: 50,000+ Azure AD Records Exposed via Misconfigured API

Ddos June 2, 2025 0

A serious data exposure incident in the aviation industry has been uncovered by CloudSEK’s BeVigil platform, revealing...

Read More Read more about Aviation Industry Alert: 50,000+ Azure AD Records Exposed via Misconfigured API

CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

• Vulnerability Report

CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

Ddos June 2, 2025 0

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning of two critical security...

Read More Read more about CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

• Vulnerability

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

Ddos June 2, 2025 0

Veritas has issued a security advisory warning users of its Desktop Laptop Option (DLO) platform about two...

Read More Read more about Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

• Vulnerability Report

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Ddos June 2, 2025 0

Security researchers at Rapid7 have uncovered a troubling trio of vulnerabilities in MICI Network Co., Ltd.’s NetFax...

Read More Read more about Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

• Malware

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

Ddos June 2, 2025 0

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...

Read More Read more about PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

• Vulnerability Report

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Ddos June 2, 2025 0

In a detailed investigation, NetSPI security researchers have uncovered multiple high-risk local privilege escalation (LPE) vulnerabilities in...

Read More Read more about NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

• Malware

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Ddos June 1, 2025 0

Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go...

Read More Read more about PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

• Vulnerability Report

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

Ddos June 1, 2025 0

Hitachi Energy has issued a cybersecurity advisory warning of multiple vulnerabilities impacting its Asset Suite product—a widely...

Read More Read more about Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

• Vulnerability Report

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

Ddos May 31, 2025 0

A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving...

Read More Read more about CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

• Vulnerability Report

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Ddos May 31, 2025 0

A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and...

Read More Read more about CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection