CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates
A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches…
Uncategorized
Uncategorized
Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that…
Uncategorized
Angular SSR Vulnerability Allows Attackers to Access Sensitive Data
A high vulnerability in Angular’s server-side rendering (SSR) feature can lead to sensitive data exposure…
Uncategorized
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to…
Uncategorized
PoisonSeed Threat Actor Strengthens Credential Theft Operations with New Domains
Spoof the email delivery platform SendGrid and employ fake Cloudflare CAPTCHA interstitials to lend legitimacy…
Uncategorized
kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT…
Uncategorized
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
A newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems…
Uncategorized
Cyber Attack Exposes LNER Train Passengers’ Personal Data
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its…
Uncategorized
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework…
Uncategorized
Three Methods of Compromise and Persistence
A new wave of macOS-targeted malware has emerged under the radar—despite employing advanced process reconnaissance…