Ivanti RCE flaw affects over 5,000 devices
More than 5,000 Ivanti Connect Secure devices remain exposed to a high-risk remote code execution (RCE) vulnerability, CVE-2025-22457, according to data from the Shadowserver Foundation. This flaw, caused by a [...]
CISA Warns of Active CrushFTP Authentication Bypass Exploit
CISA has issued a warning about a critical vulnerability (CVE-2025-31161) in CrushFTP that is being actively exploited. This flaw allows attackers to bypass authentication, putting systems at serious risk. The [...]
Lazarus Hides Malicious npm Code Using Hex Encoding
North Korea’s Lazarus Group has ramped up its Contagious Interview campaign by using new npm packages with hex-encoded strings to evade detection. These packages deliver BeaverTail infostealers and RAT loaders, [...]
NEPTUNE RAT: Windows Malware Steals Passwords from Over 270 Apps
A new cyber threat called Neptune RAT is raising concerns among Windows users, as it targets sensitive data and has advanced malicious features. Researchers at CYFIRMA have analyzed the latest [...]
New spyware tricks Android users for passwords
A new Android spyware app uses a password prompt to prevent uninstallation, making it difficult for users to remove without the installer's password. How the Spyware Works The spyware, which [...]
Get Social