In The News

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling The Hacker [email protected] (The Hacker News)
August 30, 2025

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate …

Read More
No Comment

In The News


WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices The Hacker [email protected] (The Hacker News)
August 29, 2025

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently …

Read More
No Comment

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution The Hacker [email protected] (The Hacker News)
August 29, 2025

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are listed …

Read More
No Comment

An Audit Isn’t a Speed Bump — It’s Your Cloud Co-Pilot darkreadingRavi Sharma
August 29, 2025

Auditing must be seen for what it truly can be: a multiplier of trust, not a bottleneck of progress. Auditing must be seen for what it truly can be: a multiplier …

Read More
No Comment

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication The Hacker [email protected] (The Hacker News)
August 29, 2025

Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The …

Read More
No Comment

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign The Hacker [email protected] (The Hacker News)
August 29, 2025

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including …

Read More
No Comment

Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation darkreadingRobert Lemos, Contributing Writer
August 29, 2025

Generating exploits with AI and large language models shrinks the time to target software flaws, giving security teams scant time to patch. Can enterprises adapt? Generating exploits with AI and large …

Read More
No Comment

CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
August 29, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-57819 Sangoma FreePBX Authentication Bypass Vulnerability  This type of vulnerability is a frequent attack …

Read More
No Comment

Can Your Security Stack See ChatGPT? Why Network Visibility Matters The Hacker [email protected] (The Hacker News)
August 29, 2025

Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative …

Read More
No Comment

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page The Hacker [email protected] (The Hacker News)
August 29, 2025

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to …

Read More
No Comment