Trend Micro has issued an urgent security advisory after identifying a critical vulnerability in its Apex Central management platform. The flaw affects on-premise installations running on Windows systems. It has been rated 9.8 on the CVSS scale, placing it in the critical severity category. Such a high score indicates a serious risk if systems are … Continued
The Federal Bureau of Investigation (FBI) has issued a serious warning about a new cyber-attack method being used by North Korean hackers. The alert was released through an official FLASH advisory to quickly inform organizations about the threat. According to the FBI, this campaign is active and targeted. The goal is to steal sensitive information … Continued
Security researchers have uncovered a new malware campaign targeting developers through the npm ecosystem. The threat involves a previously undocumented remote access trojan called NodeCordRAT, hidden inside Bitcoin-themed packages. These packages appeared legitimate and useful, making them easy for developers to trust. In reality, they were designed to silently infect systems after installation. The discovery … Continued
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a serious warning about two software vulnerabilities that are currently being exploited by attackers. These flaws affect Microsoft Office and HPE OneView, two widely used enterprise technologies. Because there is confirmed evidence of active attacks, CISA has added both issues to its Known Exploited Vulnerabilities … Continued
U.S. broadband provider Brightspeed is investigating serious claims made by a cybercriminal group that says it has breached the company’s systems and accessed sensitive customer data. The hackers also claim they were able to disrupt internet services for some users. Brightspeed has confirmed that it is aware of the allegations and is currently reviewing the … Continued
Microsoft has issued a new security warning after identifying phishing attacks that exploit misconfigured email routing systems. The company says attackers are taking advantage of complex mail setups to send emails that appear to come from inside an organization. These emails look legitimate and can easily trick employees. Because no obvious warning signs are visible, … Continued
A new and highly critical security vulnerability has been found in n8n, a popular open-source workflow automation platform. The flaw has been assigned a CVSS score of 9.9, indicating extremely high risk. Security researchers confirm the issue is real and serious. It affects how n8n handles certain workflow execution features. n8n is widely used to … Continued
A serious security vulnerability called MongoBleed has been identified in MongoDB, and it is currently being exploited by attackers. This is not a warning for the future but an active threat happening right now. Security researchers have confirmed real attacks in the wild. Any exposed MongoDB system is at immediate risk and needs attention. MongoBleed … Continued
The European Space Agency (ESA) has officially confirmed that it recently suffered a cybersecurity breach involving some of its servers. The confirmation came after claims surfaced online from a hacker who said they had gained unauthorized access to ESA systems. Following these claims, the agency investigated the matter and acknowledged that a security incident had … Continued
Cybersecurity researchers have identified a new malware strain called VVS Stealer. This malware is written in Python and is designed to steal sensitive data from infected Windows systems. Its main focus is on Discord users, but it can also collect browser information. Experts say the threat is active and already being used by attackers. VVS … Continued
