Ghost Calls: Stealthy C2 Attack Exploits Zoom, Teams, and Meet
A novel attack technique dubbed “Ghost Calls” has emerged, exploiting web conferencing platforms like Zoom, Microsoft Teams, and Google Meet…
Security
Retbleed Reloaded: New Exploit Pierces CPU Memory Defenses
Security researchers have recently demonstrated a significantly improved exploit for the Retbleed CPU vulnerability, highlighting the ongoing risks posed by…
15000 Jenkins Servers Exposed to Unauthenticated RCE Attack
A recently identified command injection vulnerability, CVE-2025-53652, in the Jenkins Git Parameter plugin puts approximately 15,000 Jenkins servers at risk…
Global Regulations and Best Practices for Data Compliance in 2025
Data compliance has become a top concern for organizations worldwide. With governments enacting new data protection laws across the globe,…
Friday Squid Blogging: New Vulnerability in Squid HTTP Proxy Server
In a rare squid/security combined post, a new vulnerability was discovered in the Squid HTTP proxy server.
Google Project Zero Changes Its Disclosure Policy
Google’s vulnerability finding team is again pushing the envelope of responsible disclosure: Google’s Project Zero team will retain its existing…
DoS Attacks: The Silent Threat That Can Take Down Any System
One minute, your website is working perfectly. Customers are browsing, logging in, placing orders. Then out of nowhere, it all…
HTTP/1.1 Vulnerability: A Looming Threat to Millions of Websites
A fundamental vulnerability within the HTTP/1.1 protocol poses a significant threat to millions of websites, potentially allowing attackers to execute…
UAC-0099’s New Weapon: The WinRAR Exploit You Can’t Ignore
Executive Summary A critical vulnerability in WinRAR, identified as CVE-2023-38831, is being actively exploited by threat actors to execute arbitrary…
China Accuses Nvidia of Putting Backdoors into Their Chips
The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China’s cyber regulator on Thursday…