CVE-2025-20059: Relative Path Traversal Vulnerability in Ping Identity PingAM Java Policy Agent
Hard on the heels of the recent disclosure of CVE-2025-0108 exploitation affecting Palo Alto Networks PAN-OS products, another critical vulnerability…
Threats
CVE-2025-0108 Detection: Active Exploitation of an Authentication Bypass Palo Alto Networks PAN-OS Software
A recently patched firewall flaw in Palo Alto Networks PAN-OS, tracked as CVE-2025-0108, lets cybercriminals with network access to the…
Ghost (Cring) Ransomware Detection: The FBI, CISA, and Partners Warn of Increasing China-Backed Group’s Attacks for Financial Gain
Increasing ransomware volumes, expanding hacker collectives, and record-breaking damage costs are redefining the cyber risk arena. The FBI, CISA, and…
CVE-2025-26465 & CVE-2025-26466 Vulnerabilities Expose Systems to Man-in-the-Middle and DoS Attacks
Two newly uncovered security flaws in the open-source OpenSSH suite tracked as CVE-2025-26465 and CVE-2025-26466 could enable adversaries to launch…
CVE-2025-1094 Exploitation, a Critical SQL Injection Vulnerability in PostgreSQL That Can Lead to Arbitrary Code Execution
A novel PostgreSQL flaw, CVE-2025-1094, has hit the headlines. Defenders recently revealed that attackers responsible for weaponizing a BeyondTrust zero-day…
RedCurl/EarthKapre APT Attack Detection: A Sophisticated Cyber-Espionage Group Uses a Legitimate Adobe Executable to Deploy a Loader
The nefarious cyber-espionage hacking collective tracked as EarthKapre or RedCurl APT has resurfaced to target legal sector organizations using Indeed-themed…
Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine
For over a decade, russia-backed Sandworm APT group (also tracked as UAC-0145, APT44) has consistently targeted Ukrainian organizations, with a…
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities
XE Group, likely a Vietnam-linked hacking collective that has been active in the cyber threat arena for over a decade…
CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations
Since a full-scale invasion of Ukraine, cybercriminal groups of russian origin have relentlessly targeted the Ukrainian state bodies and business…
CVE-2025-21293 Detection: PoC Exploit Released for a Privilege Escalation Vulnerability in Active Directory Domain Services
Shortly after the critical zero-click OLE vulnerability in Microsoft Outlook (CVE-2025-21298), yet another dangerous security threat has come to light.…