Researchers at VulnCheck have uncovered a new malicious campaign exploiting the CVE-2021-41773 vulnerability in Apache HTTP Server version 2.4.49. This flaw enables remote code execution by bypassing path traversal protections, allowing attackers to access...
Cisco has issued an updated advisory regarding a critical vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products. This flaw enables remote attackers to execute arbitrary code on the...
SubHunterX is a powerful bug bounty automation framework designed to silently map attack surfaces and uncover critical vulnerabilities. By combining military-grade reconnaissance techniques with intelligent automation, SubHunterX gives security professionals the edge in identifying...
A newly discovered version of the SquidLoader malware has surfaced during a targeted attack on institutions in Hong Kong, sparking significant concern within the financial sector. Of particular alarm is its near-complete evasion of...
Microsoft has begun rolling out an update to the Copilot app for Windows, significantly enhancing its artificial intelligence capabilities through the introduction of the Desktop Share feature. With this update, Copilot can now “see”...
Attacks targeting outdated SonicWall SMA 100 devices have once again exposed the fragility of network perimeters often overlooked by conventional security systems. According to the Google Threat Intelligence Group (GTIG), a targeted campaign employing...
The latest iteration of the Matanbuchus malware loader, designated version 3.0, has drawn particular scrutiny from cybersecurity experts due to its significant enhancements aimed at evading detection and bypassing modern defensive systems. Originally introduced...
A newly discovered vulnerability in Windows Server 2025—dubbed Golden dMSA—poses a grave risk of widespread compromise across entire Active Directory infrastructures, according to a technical report published by enterprise cybersecurity firm Semperis. The issue...
A recent data breach has exposed a critical vulnerability in the systems of Paradox.ai, the developer behind AI-powered chatbots used in recruitment processes at McDonald’s and other Fortune 500 corporations. The cause of this...
lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated...
During the Pwn2Own Berlin 2025 competition, security researcher Manfred Paul successfully demonstrated an attack against the Mozilla Firefox browser’s rendering process by exploiting a vulnerability in the IonMonkey JIT compiler. Although he did not...
Google has announced the successful discovery of a critical vulnerability in the widely used SQLite database engine—identified and neutralized before it could be exploited in real-world attacks. The flaw was uncovered by Big Sleep,...
