Security experts and ethical hackers can now run Kali Linux inside a virtualized container on macOS Sequoia, thanks to Apple’s newly introduced containerization technology. Unveiled at WWDC 2025, Apple’s new framework allows users with Apple Silicon Macs to run isolated Linux distributions in a virtual environment—similar in concept to Microsoft’s WSL2 on Windows. To use … Continued
Microsoft has officially announced that its Authenticator app will no longer support password management features. Starting August 1, 2025, all stored passwords in the app will be removed. Before that, users already lost the ability to add new passwords in June, and in July, autofill was turned off. This change is part of Microsoft’s bigger … Continued
A severe security flaw in the popular Alone – Charity Multipurpose Non-profit WordPress Theme is currently being exploited by malicious actors to compromise WordPress sites through unauthorized plugin installations. Identified as CVE-2025-5394 and rated 9.8 on the CVSS scale, the flaw was discovered by security researcher Thái An. It impacts all theme versions up to … Continued
Google has officially launched the open beta of Device Bound Session Credentials DBSC for Chrome on Windows. This feature is designed to prevent session hijacking by tying session cookies to a specific device. DBSC was first announced as a prototype in early 2024, and after months of development and testing, it is now available for … Continued
Cybersecurity authorities at CISA have just added a serious flaw in PaperCut NG/MF print management software to their Known Exploited Vulnerabilities Catalog, marking it as actively exploited. This vulnerability, tracked as CVE-2023-2533, is a cross-site request forgery issue that attackers are currently using to target organizations globally. CISA officially listed this vulnerability on July 28, … Continued
The security breach affecting Tea — a women-focused dating safety app — has taken a more alarming turn. New findings reveal a second data leak, this time involving a separate database reportedly holding 1.1 million private conversations between users. Tea was designed to help women share reviews about men in a protected digital space, requiring … Continued
Cybersecurity researchers have discovered 13 serious security flaws in the Niagara Framework, a platform used to control smart building systems around the world. This framework, developed by Tridium, a Honeywell company, connects and manages critical building functions like HVAC, lighting, elevators, energy meters, and security systems. The impact of these flaws is massive. Niagara is … Continued
Incident: On July 28, 2025, Russia’s flag carrier Aeroflot reported a critical failure in its corporate IT systems, leading to the cancellation of over 40 flights at Moscow’s Sheremetyevo airport—affecting routes to Minsk, Yerevan, Kaliningrad, Grozny, Astrakhan and others MarketScreener+4The Kyiv Independent+4The Edge Malaysia+4. Claims: A hacking group named Silent Crow, in collaboration with Belarusian activists … Continued
A new ransomware group called Chaos has recently launched a series of cyberattacks, raising serious concerns among cybersecurity experts. This group was first identified around February 2025, and investigators believe it is made up of former members of the BlackSuit or Royal ransomware gangs. The attackers are using a mix of old and new techniques … Continued
Two newly discovered malware campaigns named Soco404 and Koske are now targeting cloud servers to secretly mine cryptocurrency. These attacks are capable of infecting both Linux and Windows systems and are designed to abuse the computing power of cloud services without being noticed. The campaigns were uncovered by security teams from Wiz and Aqua, who … Continued
