CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
CISA adds Microsoft Office and HPE OneView vulnerabilities to its KEV list, urging agencies to patch…
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
Learn to secure Agentic AI in our upcoming webinar. We cover MCPs, shadow API keys, code…
PLUGGYAPE Malware Targets Ukrainian Defense via Signal, WhatsApp
PLUGGYAPE malware targets Ukrainian defense forces using Signal, WhatsApp, phishing links, and evolving backdoors, CERT-UA reports.
Critical Node.js Vulnerability Causes Server Crashes via async_hooks
Node.js patches critical DoS flaw (CVE-2025-59466) from async_hooks stack overflow, impacting Node.js apps and major APM…
New Research: 64% of 3rd-Party Apps Access Sensitive Data Unjustified
Study finds 64% of third-party apps access sensitive data without business need, exposing government and education…
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution
Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via exposed phMonitor…
Hackers Exploit c-ares DLL Side-Loading to Deploy Malware
Hackers abuse DLL side-loading in GitKraken’s signed binary to deliver trojans, stealers, and remote access malware…
Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
Krebs details how Russia’s largest private university is connected to a $25M essay mill, revealing ties…
Who Benefited from the Aisuru and Kimwolf Botnets?
An investigation into the cybercriminals, network operators, and proxy services profiting from the Aisuru and Kimwolf…
Windows 11 KB5074109 & KB5073455 cumulative updates released
Microsoft releases Windows 11 KB5074109 & KB5073455 cumulative updates for versions 25H2/24H2 & 23H2 to fix…
Latest Posts
- Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
- The Kimwolf Botnet is Stalking Your Local Network
- Who Benefited from the Aisuru and Kimwolf Botnets?
- Windows 11 PCs may fail to shut down after January update: Microsoft confirms
- Cisco Patches AsyncOS Zero-Day Exploited Since November 2025
