New Variant of Agenda Ransomware with NETXLOADER and SmokeLoader Dropped

Cybersecurity researchers at Trend Micro have uncovered a significant evolution in the Agenda ransomware group, also known as Qilin, highlighting the group’s growing technical sophistication and expanding global footprint. First identified in July 2022, Agenda has steadily transformed into a formidable threat, now using advanced malware loaders, stealth tactics, and diverse distribution infrastructure. Trend Micro … Continued

Critical Kibana Vulnerability CVE-2025-25014 Patched in Latest Security Update

Elastic has issued a critical security advisory for Kibana, warning users of a high-severity vulnerability that could allow attackers to execute arbitrary code via prototype pollution. The issue, tracked as CVE-2025-25014, carries a CVSS v3.1 score of 9.1, indicating a critical risk to affected systems. The vulnerability, disclosed under Elastic Security Advisory ESA-2025-07, impacts Kibana … Continued

Dead but Not Forgotten: Discontinued IoT Devices Fall Prey to New Mirai Botnet

The Akamai Security Intelligence and Response Team (SIRT) has uncovered active exploitation of two previously disclosed vulnerabilities, CVE-2024-6047 and CVE-2024-11120, targeting discontinued GeoVision Internet of Things (IoT) devices. This marks the first publicly observed use of these vulnerabilities since their initial disclosures in June and November 2024, respectively. Detected through Akamai’s global network of honeypots … Continued

Zero-Click Remote DoS in WDS Ignored by Microsoft

A critical remote denial-of-service (DoS) vulnerability has been found in Microsoft’s Windows Deployment Services (WDS), exposing enterprise networks to system crashes through zero-click attacks. A security researcher warns that the issue, based on remote memory exhaustion, has been dangerously overlooked in cybersecurity, especially within critical infrastructure services. The security researcher Zhiniang Peng reported the issue to Microsoft … Continued

SentinelOne EDR Flaw Exploited To Deploy Babuk Ransomware

A threat actor has successfully exploited a vulnerability in SentinelOne’s Endpoint Detection and Response (EDR) software to disable protections and deploy ransomware, according to a new disclosure from Aon’s Stroz Friedberg Incident Response Services. The incident, uncovered during a forensic investigation, involved a method that bypassed SentinelOne’s anti-tamper protections by manipulating the agent upgrade and … Continued

Yemeni Man Indicted in U.S. Over Black Kingdom Ransomware

U.S. federal authorities have indicted a Yemeni national accused of conducting a global ransomware campaign that targeted more than 1,500 Microsoft Exchange servers, compromising systems at schools, hospitals, and businesses across multiple countries. Rami Khaled Ahmed, 36, of Sana’a, Yemen, allegedly known online as “Black Kingdom,” is accused of leading the ransomware operation that struck … Continued

RCE Vulnerability in Apache Parquet Java CVE-2025-46762

A critical high-severity remote code execution (RCE) vulnerability has been found in the Apache Parquet Java library, specifically affecting the parquet-avro module. Tracked as CVE-2025-46762, this flaw can allow attackers to execute arbitrary code during schema parsing, posing significant risk to data platforms and analytics pipelines that rely on Parquet files. What is Apache Parquet … Continued

Russia-Aligned Hacktivists Target Dutch Organizations in Ongoing DDoS Campaign

Key public and private institutions across the Netherlands have been hit by a wave of distributed denial-of-service (DDoS) attacks in recent days, causing widespread access disruptions, according to the country’s National Cyber Security Center (NCSC). In a statement released this week, the NCSC, which operates under the Ministry of Justice and Security, confirmed that multiple … Continued

5 Must-See Cybersecurity Products That Stole the Spotlight at RSA 2025

As RSA Conference 2025 winds down, one thing is clear: this year has delivered some genuine “aha!” moments. Whether it was a jaw-dropping demo or a breakthrough idea that redefines how we think about security, a handful of products stood out from the noise. These aren’t just incremental updates—they’re innovations you need to experience firsthand. … Continued
