Resources
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
CISA warns of actively exploited Git vulnerability CVE-2025-48384 that enables arbitrary code execution via crafted submodules; federal patch deadline set for September 15.
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
Citrix patches critical NetScaler RCE CVE-2025-7775 exploited in zero-day attacks; admins must upgrade affected NetScaler ADC and Gateway builds immediately.
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
WinRAR Zero-Day Vulnerability Exploited by Multiple Threat Actors
A newly discovered zero-day in WinRAR, CVE-2025-8088, is being exploited by RomCom hackers to plant executables in Windows Startup folders via path traversal. The flaw ...
Critical PostgreSQL Flaws Allow Code Injection During Database Restoration
The PostgreSQL team has disclosed three critical vulnerabilities—CVE-2025-8714, CVE-2025-8715, and CVE-2025-1094—impacting backup and restore utilities. These flaws enable malicious code injection and SQL exploitation, posing ...
Crypto24 Ransomware: The Phantom Encryptor
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal, encrypt, and leak sensitive data.
Charon Ransomware: Stealthy Cyber Extortion Syndicate
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing a severe threat to critical ...
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.