Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

by admin | Aug 30, 2025 | Uncategorized

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes....

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

by admin | Aug 30, 2025 | Uncategorized

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS...

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

by admin | Aug 29, 2025 | Uncategorized

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are listed below – CVE-2025-53693 – HTML cache...

Webinar: Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook

by admin | Aug 29, 2025 | Uncategorized

Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs...

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

by admin | Aug 29, 2025 | Uncategorized

Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect...