OAuth Device Code Phishing Targeting Microsoft 365

Published on: December 28, 2025

Overview: Organizations are facing a widespread and actively exploited phishing campaign targeting Microsoft 365 (M365) environments through abuse of the OAuth 2.0 device authorization flow. Commonly known as OAuth device code phishing,...

Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability (CVE-2020-12812)

Published on: December 27, 2025

Overview: Fortinet has issued a new advisory warning about active exploitation of an old vulnerability in FortiOS SSL VPN. The vulnerability allows attackers to bypass Two-Factor Authentication (2FA) under certain configurations. Although this issue was...

Malicious Chrome Extensions Stealing User Credentials

Published on: December 26, 2025

Overview: Two malicious Google Chrome extensions published under the name “Phantom Shuttle” have been identified in the Chrome Web Store. These extensions masquerade as legitimate proxy and network-testing tools but secretly hijack user...

China-Aligned APT Exploiting Windows Group Policy for Malware Deployment.

Published on: December 22, 2025

Overview: Security researchers have identified an emerging China-aligned advanced persistent threat (APT) cluster, tracked as LongNosedGoblin, actively engaging in cyber-espionage against governmental networks in Southeast Asia and Japan. The threat actor has...

Windows Admin Center Flaw CVE-2025-64669 Enables SYSTEM Privilege Escalation

Published on: December 18, 2025

Overview: A high-severity local privilege escalation vulnerability has been identified in Microsoft Windows Admin Center (WAC). Tracked as CVE-2025-64669, the issue arises from insecure directory permissions within the Windows Admin Center data...

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2025-62562)

Published on: December 15, 2025

Overview: Microsoft has released security updates addressing a critical remote code execution (RCE) vulnerability in Microsoft Outlook and related Microsoft Office products. The vulnerability, tracked as CVE-2025-62562, arises from a use-after-free memory...

Cloudflare Discloses Technical Details Behind Massive Outage that Breaks the Internet

Published on: November 21, 2025

Overview: On November 18, 2025, Cloudflare experienced a global outage affecting a significant portion of internet services. The outage was caused by a configuration change to a ClickHouse database cluster, which...

Active Exploitation of Cisco ISE & Citrix NetScaler Zero-Days by an Advanced Threat Actor

Published on: November 14, 2025

Overview: Amazon's threat intelligence team has observed an advanced persistent threat (APT) actor actively exploiting previously undisclosed zero-day vulnerabilities in: Cisco Identity Services Engine (ISE / ISE-PIC) (unauthenticated remote code execution); Citrix NetScaler ADC...

Chrome Emergency Update to Patch Multiple Remote Code Execution Vulnerabilities.

Published on: November 11, 2025

Overview: Google Chrome has released an urgent update addressing five vulnerabilities, including three of high severity that could enable remote code execution (RCE). The patched versions are: Windows: 142.0.7444.134 / 142.0.7444.135; macOS: 142.0.7444.135; Linux: 142.0.7444.134. These flaws...

November Top Security Vulnerabilities (CVE Report)

Published on: November 11, 2025

Top CVEs report for the month of November 2025. November Top Vulnerabilities Overview: In November, multiple critical and high-severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege...

LinkPro eBPF Rootkit Exploitation via Jenkins (CVE-2024-23897)

Published on: November 7, 2025

Overview: LinkPro is a newly identified GNU/Linux rootkit discovered by Synacktiv following the compromise of an AWS environment. The intrusion originated from an exposed Jenkins server vulnerable to CVE-2024-23897, which was exploited...

CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware

Published on: November 6, 2025

Overview: CISA has issued an urgent alert regarding CVE-2024-1086, a use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component. The flaw allows local attackers to escalate privileges to root, enabling ransomware...

October Top Security Vulnerabilities (CVE Report)

Published on: November 2, 2025

Top CVEs report for the month of October 2025. October Top Vulnerabilities Overview: In October, multiple critical and high-severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege...

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process (CVE-2025-49201)

Published on: October 30, 2025

Overview: CVE-2025-49201 is a critical authentication vulnerability affecting the Web Administration Daemon/Graphical User Interface (WAD/GUI) components of FortiPAM and FortiSwitch Manager. First disclosed in mid-October 2025, this flaw allows unauthenticated attackers to...

Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Published on: October 30, 2025

Overview: Security researchers have identified malicious NPM packages that deliver an infostealer payload targeting Windows, Linux, and macOS environments. These packages are designed to execute upon installation or runtime, harvesting sensitive user data,...

Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability - CVE-2025-59287

Published on: October 29, 2025

Overview: A critical remote code execution (RCE) vulnerability has been identified in the Windows Server Update Services (WSUS) component of certain Microsoft Windows Server versions, tracked as CVE-2025-59287. The vulnerability stems from...

Qilin Ransomware that Target VMware and Windows Networks using Linux RATs.

Published on: October 28, 2025

Overview: The Agenda (Qilin) ransomware group has evolved its attack methodology by deploying Linux ransomware variants directly on Windows systems, challenging traditional endpoint detection controls. According to Trend™ Research, the group abused legitimate...

FortiOS CLI Command Bypass Vulnerability

Published on: October 16, 2025

Overview: Fortinet has disclosed a high-severity vulnerability in FortiOS, the operating system powering FortiGate firewalls and VPN devices. Identified as CVE-2025-58325, this flaw allows an authenticated attacker with CLI access to bypass...

September Top Security Vulnerabilities (CVE Report)

Published on: October 10, 2025

Top CVEs report for the month of September 2025. September Top Vulnerabilities Overview: In September, multiple critical and high-severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege escalation...

Disabling Inline SVG Image Display in Outlook for Web and Windows

Published on: October 7, 2025

Overview: Microsoft has announced a significant security enhancement for Outlook users. As part of this update, inline SVG (Scalable Vector Graphics) image support will be retired across both Outlook for Web (OWA) and...