New Osiris Ransomware Campaign Exploits Living-off-the-Land Tools
A recently identified ransomware strain named Osiris was linked to an intrusion at a large food services organization in Southeast Asia in November 2025. Analysts confirmed that this malware is [...]
OWASP ZAP Releases New Penetration Testing Browser Extension
The OWASP ZAP project has introduced a new add-on that brings the OWASP Penetration Testing Kit (PTK) directly into browsers opened through ZAP. The current release, version 0.2.0 (alpha), removes [...]
BIND 9 Vulnerability Can Crash DNS Servers
A newly reported high-impact security flaw in BIND 9, one of the most widely deployed DNS server implementations, could allow attackers to disrupt DNS operations remotely. By sending specially crafted [...]
Cisco Unified Communications Zero-Day RCE Enables Root Access
Cisco has issued an urgent security alert after identifying a previously unknown remote code execution flaw being exploited against its Unified Communications platforms. The vulnerability, tracked as CVE-2026-20045, enables attackers [...]
Apache Airflow Flaws Risk Exposure of Sensitive Data
Multiple vulnerabilities in Apache Airflow versions prior to 3.1.6 could lead to the exposure of sensitive credentials through task logs and the web interface. The issues are caused by improper [...]
Get Social