Apache Airflow Exposed

A significant security flaw has surfaced in Apache Airflow (version 3.0.3), exposing sensitive connection information to users with read-only permissions. This issue highlights how even low-privilege access, when combined with system weaknesses, can lead to serious exposure of internal data. What’s Going On The vulnerability allows users with restricted privileges to view confidential connection configurations, […]
XCSSET Malware Evolves

Cybersecurity researchers have uncovered a new variant of the XCSSET malware, which is actively exploiting macOS systems. This malware, known for its history of targeting Xcode developers, has evolved with enhanced capabilities, making it even more dangerous for individuals and organizations relying on macOS environments. The latest version of XCSSET leverages malicious AppleScript files to […]
ColdRiver Expands Malware

A new campaign by the threat group ColdRiver (a.k.a. Star Blizzard or SEABORGIUM) is making waves in the cybersecurity landscape. Known for spear-phishing and credential theft, the group has now expanded its toolkit with custom backdoors designed to infiltrate high-value targets. The Campaign in Focus ColdRiver’s latest activity highlights a shift from traditional credential-harvesting tactics […]
Firebase Misconfigurations

A recent investigation revealed that dozens of mobile applications are unintentionally exposing highly sensitive data because of misconfigured Firebase services. In many cases, unauthenticated attackers can reach into databases, storage buckets, Firestore collections, and Remote Config systems. Here are the key findings: Around 150 Firebase endpoints tied to popular apps were found to be publicly […]
Ransomware Attack at Airport

UK law enforcement has arrested a man in West Sussex in connection with a major ransomware attack that disrupted airports across Europe, including London Heathrow, Brussels, Dublin, and Berlin. The suspect, in his forties, was detained under the UK Computer Misuse Act and released on conditional bail. The core of the problem was a failure in […]
North Korean Cyber Attack

In a sobering reminder of how far threat actors will go, cybersecurity researchers recently uncovered a sophisticated campaign tied to North Korea in which malicious actors used fake job applications as the entry point into target networks. The ruse is clever: pose as an innocent job candidate, get your foot in the door, then quietly […]
SolarWinds & Exploited Vulnerability

SolarWinds has released a hotfix addressing a critical remote code execution (RCE) vulnerability in its Web Help Desk product, tracked as CVE-2025-26399. This flaw, with a CVSS score of 9.8, is an unauthenticated AjaxProxy deserialization vulnerability that allows attackers to execute arbitrary commands on the host machine. Notably, this issue bypasses previous patches for CVE-2024-28988 […]
GeoServer Exploit

A critical vulnerability in GeoServer (CVE-2024-36401) was exploited by threat actors to breach a U.S. federal civilian agency. The flaw arises from unsafe evaluation of property names in the GeoTools library, enabling remote code execution through crafted OGC requests such as GetFeature, GetMap, and Execute. Why This Matters Successful exploitation of this vulnerability allows attackers […]
Microsoft Fixes Entra ID Flaw

A critical vulnerability in Microsoft Entra ID has been patched. Attackers could have exploited this flaw to impersonate global administrators across multiple tenants, gaining elevated privileges and bypassing security controls. Why This Matters Global admin impersonation could allow attackers to access or exfiltrate sensitive corporate data, alter security configurations to hide their activities, deploy malicious […]
DPRK Hackers Exploit Fake Job Interviews

North Korean-linked threat actors have been observed using ClickFix-style lures to deliver BeaverTail malware to job seekers in cryptocurrency and retail sectors. These attackers set up fake hiring platforms on Vercel, advertising positions in marketing, sales, and crypto trading for Web3 organizations. Candidates were asked to complete video assessments, during which a fabricated technical issue […]