Hackers Can Inject Malicious Code into Antivirus Processes to Create a Backdoor
A new technique enables attackers to exploit antivirus software by injecting harmful code directly into the antivirus processes. This approach
Microsoft Defender Vulnerabilities Allow Attackers to Bypass Authentication and Upload Malicious Files
Critical flaws uncovered in the network communication between Microsoft Defender for Endpoint (DFE) and its cloud services, allowing post-breach attackers
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Oct 11, 2025Ravie LakshmananCloud Security / Network Security Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Oct 11, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR)
Microsoft Fixes Long-standing Windows 11 Update and Shut down Bug
Microsoft has rolled out a fix in its latest preview builds to resolve a notorious glitch with the “update and shut down” feature. This long-standing issue, which has haunted the operating
Windows 11 23H2 Home and Pro reach end of support in 30 days
Microsoft has reminded customers again today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving
Hackers exploiting zero-day in Gladinet file sharing software
Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to
Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time
In today’s hyper-connected world, cyber threats are more sophisticated and frequent than ever – ransomware attacks, data breaches, social engineering
Google Chrome to revoke notification access for inactive sites
Google is updating the Chrome web browser to automatically revoke notification permissions for websites that haven’t been visited recently, to
Apple now offers $2 million for zero-click RCE vulnerabilities
Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and
New Chaosbot Leveraging CiscoVPN and Active Directory Passwords to Execute Network Commands
ChaosBot surfaced in late September 2025 as a sophisticated Rust-based backdoor targeting enterprise networks. Initial investigations revealed that threat actors
Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware
Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira ransomware on