Resources
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
Mitchell Langley
August 28, 2025
CISA warns of actively exploited Git vulnerability CVE-2025-48384 that enables arbitrary code execution via crafted submodules; federal patch deadline set for September 15.
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
Gabby Lee
August 28, 2025
Citrix patches critical NetScaler RCE CVE-2025-7775 exploited in zero-day attacks; admins must upgrade affected NetScaler ADC and Gateway builds immediately.
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
Gabby Lee
August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
Mitchell Langley
August 28, 2025
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Mitchell Langley
August 28, 2025
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
Gabby Lee
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
WinRAR Zero-Day Vulnerability Exploited by Multiple Threat Actors
Andrew Doyle
August 25, 2025
A newly discovered zero-day in WinRAR, CVE-2025-8088, is being exploited by RomCom hackers to plant executables in Windows Startup folders via path traversal. The flaw ...
Critical PostgreSQL Flaws Allow Code Injection During Database Restoration
Mitchell Langley
August 22, 2025
The PostgreSQL team has disclosed three critical vulnerabilities—CVE-2025-8714, CVE-2025-8715, and CVE-2025-1094—impacting backup and restore utilities. These flaws enable malicious code injection and SQL exploitation, posing ...
Crypto24 Ransomware: The Phantom Encryptor
Mitchell Langley
August 18, 2025
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal, encrypt, and leak sensitive data.
Charon Ransomware: Stealthy Cyber Extortion Syndicate
Andrew Doyle
August 18, 2025
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing a severe threat to critical ...
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Andrew Doyle
July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
Andrew Doyle
June 30, 2025
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
Andrew Doyle
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Andrew Doyle
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.