News

New Veeam RCE flaw lets domain users hack backup servers
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote ...
CSO Online10h
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Chimera-sandbox-extensions” exploit highlights rising risks of open-source package abuse, prompting calls for stricter ...
SecurityWeek14h
Recent Langflow Vulnerability Exploited by Flodrix Botnet
A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet.
Financial News15h
Avail Goes Full Stack to Capture $300bn Global Blockchain Infra Market
According to Grand View Research, the global blockchain market is projected to grow from $31.3 billion in 2024 to $1.43 ...
The Hacker News18h
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, ...
Why You Should Never Click Old Discord Invite Links
If you've received an invite link to Discord but never used it to join that specific server, don't click through it weeks or ...
AMD plugs serious Ryzen vulnerability with new firmware update
AMD is providing an updated version of its AGESA firmware to address a key vulnerability that affects the TPM module within ...
The Hacker News1d
⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More
Zero-click spyware. Undetectable AI leaks. Microsoft Copilot exploited. Read this week's top cyber incidents and the silent ...
SecurityWeek1d
High-Severity Vulnerabilities Patched in Tenable Nessus Agent
Three high-severity Tenable Agent vulnerabilities could allow users to overwrite and delete files, or execute arbitrary code.
The Register2d
Dems demand audit of CVE program as Federal funding remains uncertain
It’s a cross-site scripting vulnerability present in open-source webmail platform Roundcube, and abuses a desanitization ...
Over 46,000 Grafana instances exposed to account takeover bug
More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability ...
So... You Want to Become a Penetration Tester?
Penetration testing is a key part of cybersecurity: finding and safely exploiting system flaws. Learn the skills, tools, and steps to start your career as an ...