Author Info

Despite Oracle's denial of a breach in its Cloud federated SSO login servers, evidence suggests otherwise. Multiple companies have confirmed the authenticity of data samples allegedly stolen by a threat actor. Details of the Alleged Breach Recently, an individual identified as ‘rose87168’ claimed responsibility for breaching Oracle Cloud

A sophisticated cyber threat actor known as EncryptHub has been identified in a series of zero-day attacks targeting a vulnerability within the Microsoft Management Console (MMC). This flaw, recently patched by Microsoft, allows attackers to bypass security features and execute malicious code on Windows systems. Understanding the MMC Vulnerability The

The VanHelsing ransomware-as-a-service (RaaS) has surfaced, impacting three victims since its launch on March 7, 2025. This operation demands ransoms up to $500,000, making it a significant threat in the cybersecurity landscape. Understanding the VanHelsing Model VanHelsing operates on a RaaS model, allowing both seasoned hackers and newcomers to

Recent discoveries reveal that new Android malware campaigns are leveraging Microsoft's cross-platform framework, .NET MAUI, to disguise themselves as legitimate applications and avoid detection. This innovative tactic was identified by McAfee's Mobile Research Team, part of the App Defense Alliance, which focuses on enhancing Android security.

A significant security flaw has been identified in the Ingress NGINX Controller for Kubernetes, potentially allowing unauthenticated remote code execution. This vulnerability endangers over 6,500 clusters by exposing them to the public internet. Details of the IngressNightmare Vulnerabilities The vulnerabilities, collectively known as IngressNightmare, have been assigned CVE identifiers

Ukraine's national railway operator, Ukrzaliznytsia, has experienced a significant cyberattack that has disrupted its online ticketing services. This attack has affected both mobile applications and the official website, forcing passengers to purchase tickets at physical booths. The disruption has led to overcrowding and long wait times at ticket

A prominent telecommunications firm in Asia has reportedly been compromised by Chinese state-backed hackers who managed to remain undetected within the company's systems for more than four years. This information comes from a recent report by the cybersecurity firm Sygnia. Cyber Espionage Tactics The threat actor, identified as

A significant security flaw has been identified in the Next.js React framework, which may allow attackers to circumvent authorization checks under specific conditions. This vulnerability, designated as CVE-2025-29927, has been assigned a high CVSS score of 9.1, indicating its severity. Understanding the Vulnerability The issue arises from the

Recent investigations by cybersecurity experts have uncovered the deployment of advanced spyware named Graphite, developed by the Israeli company Paragon Solutions, targeting individuals through WhatsApp. This attack utilized a zero-click exploit, leveraging an undisclosed vulnerability in WhatsApp's software, allowing unauthorized access to devices without user interaction. Understanding the