PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild
A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path...
Critical Fortinet FortiWeb Vulnerability Exploited in the Wild to Create Admin Accounts
A critical vulnerability in Fortinet's FortiWeb Web Application Firewall (WAF) is being actively exploited by threat actors, potentially as a zero-day attack vector.
The flaw,...
New Wave of Steganography Attacks: Hackers Hiding XWorm in PNGs
ANY.RUN experts recently uncovered a new XWorm campaign that uses steganography to conceal malicious payloads inside seemingly harmless PNG images.
What appears to be an ordinary graphic actually contains encrypted...
Microsoft Teams New Premium Feature Blocks Screenshots and Recordings During Meeting
Microsoft has launched a new security feature in Teams Premium called "Prevent screen capture," designed to block screenshots and recordings during sensitive meetings, with...
New ClickFix Attack Tricks Users with ‘Fake OS Update’ to Execute Malicious Commands
A new ClickFix campaign is tricking users with a fake Windows update that runs in their browser. Called "Fake OS Update," this scam takes...
.webp?w=324&resize=324,235&ssl=1 "How Attackers Turn SVG Files Into Phishing Lures")
How Attackers Turn SVG Files Into Phishing Lures
Businesses today are dealing with faster, stealthier email threats that look routine yet unleash aggressively malicious scripts the moment a user engages. This is...
Citrix NetScaler ADC and Gateway Vulnerability Enables Cross-Site Scripting Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway products.
Tracked as CVE-2025-12101, the flaw allows attackers to...
Why your Business Need Live Threat Intel from 15k SOCs
Cybersecurity leaders now face an impossible equation: you need intelligence that's comprehensive enough to protect your organisation, fresh enough to stop emerging threats, and manageable enough that...
Hackers Actively Exploiting Cisco and Citrix 0-Day in the Wild to Deploy Webshell
An advanced hacking group is actively exploiting zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems. These attacks, spotted in real-world operations,...
ChatGPT Hacked Using Custom GPTs Exploiting SSRF Vulnerability to Expose Secrets
A Server-Side Request Forgery (SSRF) vulnerability in OpenAI's ChatGPT. The flaw, lurking in the Custom GPT "Actions" feature, allowed attackers to trick the system...
.webp?w=100&resize=100,70&ssl=1 "Top 10 Best Fraud Prevention Companies in 2025")
