Security researchers at Check Point have uncovered a widespread attack campaign exploiting a recently discovered Windows NTLM vulnerability (CVE-2025-24054). The attacks began merely a week after Microsoft’s March 2025 security patch release, demonstrating cybercriminals’ rapid response to new security flaws. This vulnerability, rated 6.5 on the CVSS scale, enables attackers to harvest Windows user authentication … Read more

A sophisticated cyberattack has compromised thousands of smart pedestrian crosswalk systems across major U.S. cities, highlighting significant vulnerabilities in urban infrastructure security. Threat actors exploited critical security flaws to gain unauthorized access to pedestrian crossing buttons, replacing standard voice commands with AI-generated messages that mimicked prominent tech industry figures. Critical Security Vulnerabilities Exposed in Crosswalk … Read more

Leading cybersecurity firm Prodaft has announced a groundbreaking initiative to purchase established user accounts on prominent dark web forums and hacking platforms. This strategic move aims to enhance the company’s threat intelligence capabilities and strengthen its position in identifying emerging cyber threats before they materialize into actual attacks. Strategic Value of Dark Web Intelligence Gathering … Read more

A sophisticated ransomware attack targeting IKEA retail operations across multiple European countries has resulted in substantial financial losses totaling €20 million ($22.8 million). The incident, affecting Fourlis Group – IKEA’s operator in Greece, Cyprus, Romania, and Bulgaria – represents one of the most significant cyber attacks in the retail sector for 2024-2025. Attack Timeline and … Read more

A significant development in digital platform regulation has emerged as Telegram faces scrutiny over its cooperation with European law enforcement agencies. The detention of Telegram founder Pavel Durov in France has highlighted critical challenges in balancing platform privacy commitments with regulatory compliance requirements under EU legislation. Understanding the Digital Services Act Framework The Digital Services … Read more

Cybersecurity researchers have uncovered a severe authentication bypass vulnerability in the popular WordPress plugin OttoKit (formerly SureTriggers), potentially affecting more than 100,000 websites. The critical security flaw enables malicious actors to create unauthorized administrator accounts, posing a significant risk to affected WordPress installations. Understanding the Critical Security Vulnerability The vulnerability, tracked as CVE-2025-3102 with a … Read more

The Shadowserver Foundation has uncovered a significant security breach affecting more than 16,620 Fortinet devices globally. This sophisticated attack campaign employs an innovative symbolic link (symlink) technique, enabling threat actors to maintain persistent access even after traditional vulnerability patches are applied. Understanding the Advanced Persistence Mechanism The attackers have demonstrated remarkable sophistication in their approach, … Read more

Security researchers have uncovered a severe vulnerability in Apache Roller, a widely-used blogging platform, that poses significant risks to organizational security. The critical flaw, designated as CVE-2025-24859, allows attackers to maintain unauthorized system access even after credential modifications, highlighting substantial weaknesses in session management implementation. Understanding the Severity and Impact The vulnerability affects all Apache … Read more

Fortinet has disclosed a critical security incident affecting FortiGate VPN devices, where sophisticated threat actors have developed an advanced technique to maintain unauthorized access even after security patches are applied. This persistent threat mechanism exploits the device’s file system architecture, presenting a significant risk to organizational security infrastructure. Technical Analysis of the Attack Vector The … Read more

Microsoft has identified a critical security vulnerability affecting the latest Windows 11 24H2 operating system updates. Users who installed the April cumulative update KB5055523 or March preview update KB5053656 are experiencing system crashes resulting in the Blue Screen of Death (BSOD) with a SECURE_KERNEL_ERROR (0x18B) error code, prompting immediate action from the tech giant. Technical … Read more