Schedule a Demo

Cyber Security

Cyber Security
Cyber Security

Parrot 7.0 Released with New Penetration Testing and AI Tools

parrot-7.0-released-with-new-penetration-testing-and-ai-tools

Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration testing tools, including a dedicated AI category. This release emphasizes lightweight theming and community-driven spins, marking a pivotal update for ethical hackers and security professionals.​ The Echo theme draws from […]

Critical Langchain Vulnerability Let attackers Exfiltrate Sensitive Secrets from AI systems

critical-langchain-vulnerability-let-attackers-exfiltrate-sensitive-secrets-from-ai-systems

A critical vulnerability in LangChain’s core library (CVE-2025-68664) allows attackers to exfiltrate sensitive environment variables and potentially execute code through deserialization flaws. Discovered by a Cyata researcher and patched just before Christmas 2025, the issue affects one of the most popular AI frameworks with hundreds of millions of downloads.​ LangChain-core’s dumps() and dumpd() functions failed […]

100+ Cybersecurity Predictions 2026 for Industry Experts as the AI Adapted in the Wild

100+-cybersecurity-predictions-2026-for-industry-experts-as-the-ai-adapted-in-the-wild

As artificial intelligence becomes deeply embedded in enterprise operations and cybercriminal arsenals alike, the Cybersecurity Predictions 2026 landscape reveals an unprecedented convergence of autonomous threats, identity-centric attacks, and accelerated digital transformation risks. Industry experts across leading security firms, government agencies, and research institutions have identified over 100 critical predictions that define the year ahead, a year where […]

Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls

hackers-exploiting-three-year-old-fortigate-vulnerability-to-bypass-2fa-on-firewalls

Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles. Fortinet’s PSIRT team detailed the in-the-wild attacks in a recent blog post, urging admins to audit configurations immediately to avoid compromise. Dubbed FG-IR-19-283 (CVE-2020-12812), the issue […]

Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware

evasive-panda-apt-using-aitm-attack-and-dns-poisoning-to-deliver-malware

The Evasive Panda APT group, also known as Bronze Highland, Daggerfly, and StormBamboo, has been running targeted campaigns since November 2022, using advanced techniques to deliver the MgBot malware. The group employs adversary-in-the-middle attacks combined with DNS poisoning to compromise specific victims across multiple industries. Recent findings show that these operations continued until November 2024, […]

Threat Actors Using Weaponized AV-themed Word and PDF Documents to Attack Israeli Organizations

threat-actors-using-weaponized-av-themed-word-and-pdf-documents-to-attack-israeli-organizations

Security researchers at Seqrite Labs have identified a campaign called Operation IconCat, targeting Israeli organizations with weaponized documents designed to look like legitimate security tools. The attacks began in November 2025 and have compromised multiple companies across information technology, staffing services, and software development sectors. The core of this attack relies on a psychological trick: […]

Ransomware Attack on Romanian Waters Authority 1,000+ IT Systems Compromised

ransomware-attack-on-romanian-waters-authority-1,000+-it-systems-compromised

Romania’s National Administration “Apele Române” (Romanian Waters) disclosed a severe ransomware attack on December 20, 2025. That compromised approximately 1,000 IT systems across the agency and 10 of its 11 regional water basin administrations. The incident affected critical infrastructure responsible for managing the country’s water resources and hydrotechnical operations. However, operational technologies remained secure throughout […]

Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026

microsoft-teams-to-enforce-messaging-safety-defaults-starting-january-2026

Microsoft is strengthening the security posture of enterprise collaboration by automatically enabling critical messaging safety features in Microsoft Teams. According to a new administrative update, the company will switch several protective settings to “On” by default starting January 12, 2026, affecting tenants who rely on standard configurations. The initiative represents a shift toward “secure-by-default” principles, […]

HardBit 4.0 Ransomware Actors Attack Open RDP and SMB Services to Persist Access

hardbit-4.0-ransomware-actors-attack-open-rdp-and-smb-services-to-persist-access

HardBit ransomware continues to evolve as a serious threat to organizations worldwide. The latest version, HardBit 4.0, emerged as an upgraded variant of a strain that has been active since 2022, bringing with it more advanced features and enhanced techniques to avoid detection. This newest iteration represents a significant step forward in the ransomware’s ability […]

CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation

cisa-adds-digiever-authorization-vulnerability-to-kev-list-following-active-exploitation

A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on December 22, 2025, following evidence of active exploitation in the wild. CVE-2023-52163 is a missing authorization vulnerability in Digiever DS-2105 Pro devices. That enables attackers to execute unauthorized commands through the time_tzsetup—cgi interface. Attribute Details […]