Windows Active Directory Flaw Leads to Unauthorized Privilege Escalation
Microsoft has released an urgent patch for a serious security flaw—CVE-2025-29810—affecting Windows Active Directory Domain Services (AD DS). This vulnerability allows attackers to escalate privileges and potentially take full control [...]
Ivanti RCE flaw affects over 5,000 devices
More than 5,000 Ivanti Connect Secure devices remain exposed to a high-risk remote code execution (RCE) vulnerability, CVE-2025-22457, according to data from the Shadowserver Foundation. This flaw, caused by a [...]
CISA Warns of Active CrushFTP Authentication Bypass Exploit
CISA has issued a warning about a critical vulnerability (CVE-2025-31161) in CrushFTP that is being actively exploited. This flaw allows attackers to bypass authentication, putting systems at serious risk. The [...]
Lazarus Hides Malicious npm Code Using Hex Encoding
North Korea’s Lazarus Group has ramped up its Contagious Interview campaign by using new npm packages with hex-encoded strings to evade detection. These packages deliver BeaverTail infostealers and RAT loaders, [...]
NEPTUNE RAT: Windows Malware Steals Passwords from Over 270 Apps
A new cyber threat called Neptune RAT is raising concerns among Windows users, as it targets sensitive data and has advanced malicious features. Researchers at CYFIRMA have analyzed the latest [...]
FHN 
