Cybersecurity News

A significant security alert has emerged as The Shadowserver Foundation reveals that more than 12,000 GFI KerioControl devices remain exposed to a critical Remote Code Execution (RCE) vulnerability, despite an available patch released in December 2024. This widespread exposure presents substantial risks to corporate networks and infrastructure worldwide. Understanding CVE-2024-52875: A Critical Security Threat Security … Read more

In a significant development in the fight against global cybercrime, the United States, Australia, and the United Kingdom have implemented coordinated sanctions against hosting provider Zservers for its alleged role in supporting the notorious LockBit ransomware operation’s infrastructure. This unprecedented action marks a strategic shift in targeting the underlying technical support systems enabling ransomware operations. … Read more

Security researchers at NowSecure have uncovered significant security vulnerabilities in the DeepSeek iOS mobile application, raising serious concerns about user data protection. The investigation revealed critical flaws in the app’s encryption implementation and data handling practices, potentially exposing sensitive user information to unauthorized access. Disabled Security Protocols and Transport Layer Vulnerabilities The most alarming discovery … Read more

In a significant blow to cybercriminal infrastructure, the Dutch National Police (Politie) has executed a major operation resulting in the seizure of 127 servers belonging to the notorious bulletproof hosting provider Zservers. The operation, conducted at Amsterdam’s Paul van Vlissingenstraat data center, follows recent sanctions imposed by the United States, United Kingdom, and Australia against … Read more

Security researchers at DataDog have uncovered a significant vulnerability in Amazon Web Services (AWS) infrastructure, dubbed “WhoAMI,” that could potentially allow attackers to gain unauthorized access to AWS accounts through the manipulation of Amazon Machine Images (AMI). This security flaw, discovered in August 2024, demonstrates how seemingly minor configuration oversights can lead to serious security … Read more

A significant cybersecurity incident emerged in early February 2024 when a threat actor operating under the alias “emirking” claimed to have obtained access credentials for 20 million OpenAI accounts. The data was subsequently listed for sale on BreachForums, a notorious underground marketplace, prompting immediate concern within the cybersecurity community. Initial Investigation and Source Identification While … Read more

Microsoft has released its February 2025 security update package, addressing 63 vulnerabilities across its product ecosystem. Of particular concern are four zero-day vulnerabilities, with two already being actively exploited in the wild, presenting immediate security risks to organizations and users worldwide. Critical Zero-Day Vulnerabilities Under Active Exploitation The most pressing security threat comes from CVE-2025-21391, … Read more

Brave Browser has rolled out a groundbreaking security feature called Custom Scriptlets in its desktop version 1.75, marking a significant advancement in user-controlled web privacy and security. This innovative functionality enables users to inject custom JavaScript code into web pages, providing unprecedented control over their browsing experience and privacy protection mechanisms. Advanced Privacy Controls Through … Read more

The Reserve Bank of India (RBI) has announced a groundbreaking cybersecurity initiative with the introduction of the specialized .bank.in domain space, marking a significant advancement in securing India’s digital banking infrastructure. This strategic move represents one of the most comprehensive approaches to cybersecurity enhancement in the global financial sector. Secure Domain Infrastructure: A New Era … Read more

Apple has released an urgent security update addressing a significant zero-day vulnerability (CVE-2025-24200) that enabled attackers to bypass the USB Restricted Mode protection on locked iOS devices. This critical security feature, designed to prevent unauthorized data access, could be compromised through sophisticated targeted attacks when physical access to the device was obtained. Understanding USB Restricted … Read more