CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks

09/04/2025 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

09/04/2025 0 Comments 0 tags

Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of

Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability

09/04/2025 0 Comments 0 tags

Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild.

Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered

09/04/2025 0 Comments 0 tags

Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw

08/04/2025 0 Comments 0 tags

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a

Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings

08/04/2025 0 Comments 0 tags

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate

Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal

08/04/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege

CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation

08/04/2025 0 Comments 0 tags

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged

UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine

08/04/2025 0 Comments 0 tags

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware. The activity is aimed at military formations, law

Agentic AI in the SOC – Dawn of Autonomous Alert Triage

08/04/2025 0 Comments 0 tags

Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial