In today’s world, website security is becoming an increasingly critical issue. A vulnerability has been discovered in a widely used WordPress plugin, potentially exposing millions of websites to cyberattacks. The affected plugin is Essential Addons for Elementor. The discovered vulnerability…
One of today’s most pressing cybersecurity issues is the large-scale attacks targeting Cisco networking equipment. According to recent reports, hundreds of devices are at risk due to the active exploitation of vulnerabilities CVE-2023-20198 and CVE-2018-0171. Security experts have identified 110…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about CVE-2024-20953, a security vulnerability in Oracle Agile Product Lifecycle Management (PLM). This vulnerability is currently being actively exploited by cybercriminals. On February 24, 2025, CISA added this…
The field of cybersecurity faces ever-evolving threats. Recently, a new malware called GhostSocks was discovered, leveraging SOCKS5 proxy technology to bypass security systems and move anonymously across networks. This malicious tool has been thoroughly analyzed by Infrawatch, revealing that it…
A serious security vulnerability has been discovered in Parallels Desktop, a popular virtualization software used to run Windows and other operating systems on Mac. The CVE-2024-34331 0-Day vulnerability allows attackers to gain root-level privileges on macOS. What’s most concerning is…
The Wireshark Foundation has released version 4.4.4 of its popular network protocol analyzer. This update fixes a high-risk vulnerability, CVE-2025-1492, which allowed attackers to send malicious packets and launch Denial-of-Service (DoS) attacks. This vulnerability was linked to Wireshark’s Bundle Protocol…
The CL0P ransomware group has intensified its attacks against critical infrastructure sectors, leading to widespread data breaches and system encryptions in telecommunications and healthcare organizations worldwide. By exploiting a newly discovered zero-day vulnerability (CVE-2024-50623) in Cleo integration software, the attackers…
Apache Ignite is a distributed in-memory database platform that enables rapid processing and storage of large volumes of data. However, a critical vulnerability, identified as CVE-2024-52577, was recently discovered in the platform. This vulnerability could allow attackers to execute remote code (RCE).…
The RedTeamPentesting company has introduced a new tool called keycred for managing and auditing KeyCredentialLink in Active Directory (AD) environments. This tool plays a crucial role in security testing of AD systems and identifying vulnerabilities. With keycred, system administrators and…
Cybersecurity specialists have recently discovered an open-source repository on the GitHub platform called “Windows-WiFi-Password-Stealer.” This repository contains a Python script that allows users to extract saved Wi-Fi passwords from the Windows operating system. Although the author claims that this tool…