Critical Next.js Flaw Lets Attackers Bypass Authorization Controls
A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers…
Uncategorized
Uncategorized
Hackers Exploit Email Marketing Platforms to Deliver Hidden Malware
In recent months, Trustwave SpiderLabs—a LevelBlue company renowned for its threat intelligence and incident response…
Uncategorized
Phishing Campaign Exploits Ads to Breach Hotel Property Management Systems
A sophisticated malvertising campaign has emerged that specifically targets hoteliers and vacation rental operators by…
Uncategorized
Hackers Register Domains to Target 2026 FIFA World Cup in Cyberattack
A concerning surge in malicious domain registrations designed to exploit the upcoming 2026 FIFA World…
Uncategorized
MediaTek Issues Security Update to Patch Multiple Chipset Flaws
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of…
Uncategorized
Malicious npm Package Impersonates Popular Nodemailer, Puts 3.9M Weekly Downloads at Risk of Crypto Theft
A sophisticated cryptocurrency theft scheme involving a malicious npm package that masquerades as the widely-used…
Uncategorized
Critical ImageMagick Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in ImageMagick, the widely used open-source image processing software, that…
Uncategorized
IBM Watsonx Vulnerability Enables SQL Injection Attacks
A critical vulnerability in the IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data has been…
Uncategorized
Hackers Exploit macOS Security Features to Spread Malware
A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for…
Uncategorized
Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign
An Android malware tracker named SikkahBot, active since July 2024 and explicitly targeting students in…