Security News

Microsoft fixes Power Pages zero-day bug exploited in attacks
2025-02-20 14:34

Microsoft has issued a security bulletin for a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day in attacks. [...]

Phishing attack hides JavaScript using invisible Unicode trick
2025-02-19 20:14

A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political...

Palo Alto Networks tags new firewall bug as exploited in attacks
2025-02-19 15:38

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach...

Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs
2025-02-19 14:00

The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
2025-02-19 09:35

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale...

London celebrity talent agency reports itself to ICO following Rhysida attack claims
2025-02-19 09:30

Showbiz members' passport scans already plastered online A London talent agency has reported itself to the UK's data protection watchdog after the Rhysida ransomware crew last week claimed it had...

Palo Alto firewalls under attack as miscreants chain flaws for root access
2025-02-19 00:15

If you want to avoid urgent patches, stop exposing management consoles to the public internet A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two...

New OpenSSH flaws expose SSH servers to MiTM and DoS attacks
2025-02-18 17:07

OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]

Cybercriminals shift focus to social media as attacks reach historic highs
2025-02-18 16:00

A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing...

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
2025-02-18 15:34

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a...