In the field of cybersecurity, protecting corporate data is of utmost importance. However, even platforms developed by major technology companies can contain vulnerabilities. Critical security flaws discovered in the IBM OpenPages Governance, Risk, and Compliance (GRC) platform have shown that…
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have jointly issued a warning about large-scale attacks carried out by the Ghost ransomware group. This group has targeted organizations across more than 70 countries, spanning…
Mozilla has released Firefox 135.0.1 to protect users from potential Remote Code Execution (RCE) attacks. This update addresses a critical security vulnerability (CVE-2025-1414) that could have compromised systems and exposed user data. This vulnerability is classified as CWE-119 (Memory Corruption)…
A critical security flaw in the Jupiter X Core plugin for WordPress has been identified, potentially exposing over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks. This vulnerability, tracked as CVE-2025-0366, has been assigned a…
🔴 Cybercriminals Are Targeting the Education Sector! As cybersecurity challenges continue to grow in complexity, a new threat has emerged—Lumma InfoStealer, a malicious software (malware) designed to target educational institutions. This malware spreads through infected PDF documents, disguised as legitimate…
Cybersecurity researchers have identified two serious vulnerabilities in OpenSSH, a widely used protocol for secure network communication. These vulnerabilities, discovered by specialists at Qualys Threat Research Unit (TRU), have been registered as CVE-2025-26465 and CVE-2025-26466. These flaws allow attackers to…
Cybersecurity researchers have discovered a sophisticated malware campaign targeting WordPress websites. This campaign uses the installation of a backdoor, allowing hackers to execute remote code. The malware spreads through the mu-plugins directory, giving attackers full system compromise, data theft, and…
Cybersecurity researchers have discovered a new malware (backdoor) written in the Go programming language. This malicious software uses the Telegram messenger as a command and control (C2) channel. Although still under development, it is already fully functional and capable of…
A critical SQL injection vulnerability has been identified in Apache Fineract, an open-source software widely used in financial services. This vulnerability, tracked as CVE-2024-32838, affects versions 1.4 to 1.9 and has a CVSS score of 9.4, indicating a highly severe…
Recent cybersecurity research has revealed that the Chinese state-backed hacker group “Salt Typhoon” (also known as “RedMike”) compromised more than 1,000 vulnerable Cisco devices worldwide between December 2024 and January 2025, exploiting them for their operations. This cyber-espionage campaign primarily…