Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code
Multiple vulnerabilities in Microsoft's Graphics Device Interface (GDI), a core component of the Windows operating system responsible for rendering graphics.
These flaws, discovered by Check...
New BOF Tool Exploits Microsoft Teams’ Cookie Encryption Allowing Attackers to Access User Chats
A specialized Beacon Object File (BOF) designed to extract authentication cookies from Microsoft Teams without disrupting the application.
This development builds on recent findings that...
Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and Aardvar...
This week's cybersecurity roundup highlights escalating threats from misconfigurations, software flaws, and advanced malware. Key incidents demand immediate attention from IT teams and executives.
ISC...
New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files
An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology in a...
OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically
OpenAI has unveiled Aardvark, an autonomous AI agent powered by its cutting-edge GPT-5 model, designed to detect software vulnerabilities and automatically propose fixes.
This...
Hackers Exploiting Cisco IOS XE Vulnerability in the Wild to Deploy BADCANDY Web Shell
Cybercriminals and state-sponsored actors are ramping up attacks on unpatched Cisco IOS XE devices across Australia, deploying a persistent Lua-based web shell known as...
AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID
AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated...
CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as...
WhatsApp Introduces Passkey Encryption for Enhanced Chat Message Backup Security
WhatsApp has unveiled passkey-encrypted backups, simplifying the protection of cherished chat histories without the burden of memorizing complex passwords.
This feature allows users to secure...
New Linux Singularity Rootkit using Sophisticated Technique to Evade Elastic EDR Detection
A sophisticated Linux kernel rootkit designed to slip past the defenses of Elastic Security, a leading endpoint detection and response (EDR) platform.
Released on GitHub...
