Application Security

NPM Supply Chain Attack: 175 Malicious Packages Target Industrial Firms
A wave of coordinated supply chain attacks is targeting the NPM ecosystem, with over 400 malicious packages used to deploy malware, steal credentials, and compromise ...
ICTBroadcast Servers Under Threat: Cookie Vulnerability Enables Remote Code Execution
A critical vulnerability in ICTBroadcast (CVE-2025-2611) enables unauthenticated remote code execution through malicious session cookies. With public exploits and Metasploit modules available, attackers are actively ...
SAP NetWeaver Patch Released for CVSS 10.0 Deserialization Flaw Vulnerability
A critical CVSS 10.0 vulnerability in SAP NetWeaver AS Java (CVE-2025-42944) allows unauthenticated attackers to remotely execute OS commands through insecure deserialization in the RMI-P4 ...
Industrial Control at Risk: Red Lion RTU Vulnerabilities Score 10.0 CVSS
Researchers uncovered two critical Red Lion Sixnet RTU vulnerabilities that allow attackers to bypass authentication and execute root-level commands remotely. Widely used in energy, water, ...
Cain and Abel: The Classic Cybersecurity Tool for Password Recovery and Network Testing
Cain and Abel is a powerful password recovery and penetration testing tool. Learn its features, uses, risks, and best practices for ethical cybersecurity operations.
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
Enable Kernel-mode Hardware-enforced Stack Protection in Windows 11
Microsoft Warns of New XCSSET macOS Malware Variant Targeting Xcode Devs
Microsoft detects a new XCSSET variant targeting Xcode projects with clipboard hijacking, Firefox data theft, and LaunchDaemon persistence—inspect builds, patch systems, and harden CI pipelines.
Dark Web Monitoring Guide for CISOs: Turning Shadows into Signals
Dark web monitoring gives CISOs early warning of breaches, ransomware, and credential leaks. Turning intelligence into action helps enterprises anticipate attacks instead of merely reacting.
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
Palo Alto Networks confirmed exposure of customer records in a Salesforce breach via Drift tokens, as Unit 42 warned attackers mass-exfiltrated sensitive data and credentials ...
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
Amazon disrupted a Midnight Blizzard campaign where Russian hackers used compromised websites, fake Cloudflare pages, and Microsoft device code abuse to target enterprise Microsoft 365 ...