CISA Warns of Active CrushFTP Authentication Bypass Exploit
CISA has issued a warning about a critical vulnerability (CVE-2025-31161) in CrushFTP that is being actively exploited. This flaw allows attackers to bypass authentication, putting systems at serious risk. The [...]
Lazarus Hides Malicious npm Code Using Hex Encoding
North Korea’s Lazarus Group has ramped up its Contagious Interview campaign by using new npm packages with hex-encoded strings to evade detection. These packages deliver BeaverTail infostealers and RAT loaders, [...]
NEPTUNE RAT: Windows Malware Steals Passwords from Over 270 Apps
A new cyber threat called Neptune RAT is raising concerns among Windows users, as it targets sensitive data and has advanced malicious features. Researchers at CYFIRMA have analyzed the latest [...]
New spyware tricks Android users for passwords
A new Android spyware app uses a password prompt to prevent uninstallation, making it difficult for users to remove without the installer's password. How the Spyware Works The spyware, which [...]
Oracle Confirms Data Breach, Begins Notifying Clients
Oracle confirmed a data breach affecting its older Gen 1 servers, its second incident in weeks, highlighting legacy system vulnerabilities and data security concerns. Oracle Breach Details Cyber Security News [...]
Get Social