vulnerabilities
Critical SAML Vulnerability in Ivanti VPN Solutions Exposes Enterprises to Unauthorized Access
Critical SAML vulnerability (CVE-2024-21893) in Ivanti VPN solutions exposes enterprises to unauthorized access. Learn about the flaw, affected products, and mitigation steps.
Windows SmartScreen Bypass Vulnerability Exploited in DarkGate Malware Campaign
Critical Windows SmartScreen bypass vulnerability (CVE-2024-21412) exploited in DarkGate malware campaigns. Learn how to protect your systems.
SAP NetWeaver Under Siege: Critical Vulnerabilities Attract Ransomware Gangs and State-Sponsored Hackers
SAP NetWeaver faces active exploitation of critical CVE-2025-31324 by ransomware gangs and nation-state actors, demanding immediate patching.
PAN-OS Authentication Bypass Flaw Under Active Exploitation, Thousands of Enterprise Networks at Risk
An authentication bypass vulnerability in Palo Alto Networks' PAN-OS has left thousands of enterprise networks exposed to active exploitation, with attackers chaining the flaw for firewall takeover.
Ivanti VPN Under Siege: Second Zero-Day in Months Hits Enterprise Networks
A Chinese state-sponsored hacking group has exploited a critical vulnerability in Ivanti Connect Secure VPN appliances since mid-March 2025, marking the second major breach of enterprise network edge devices in months and raising urgent questions about the security of perimeter infrastructure that organizations often treat as "set-and-forget."
College Student Uncovers World's Largest DDoS Weapon: 2 Million Hacked Devices
A 22-year-old college student helped uncover the world's largest DDoS botnet with 2 million hacked devices that launched record-breaking cyberattacks.
UAE Warns: Wiper Malware Poses Critical Threat as Daily Cyberattacks Surge Past 200,000
Unlike ransomware attacks that offer victims a path to recovery through payment, wiper malware leaves organizations with nothing to negotiate and no way to restore lost information without robust backups. Despite the volume of attacks, UAE authorities emphasize that the country's advanced cyber defense systems successfully neutralize the vast majority of threats before they cause disruption.
AI Finds Bugs Humans Can't: Anthropic's Claude Mythos Discovers Thousands of Zero-Days
Anthropic has built an artificial intelligence model so powerful at finding software vulnerabilities that the company refuses to release it publicly. Claude Mythos Preview has identified thousands of previously unknown security flaws across every major operating system and web browser, including vulnerabilities that survived decades of human scrutiny. The discoveries are forcing a reckoning in cybersecurity: AI can now find bugs faster and more thoroughly than human engineers.
CERT-In Warns: Two Chrome Zero-Days Under Active Attack
India's Computer Emergency Response Team has issued a high-severity advisory warning that two critical vulnerabilities in Google Chrome are being actively exploited by attackers, putting billions of users worldwide at risk of data theft, system compromise, and remote device control.
Russian DarkSword Spyware Targets iPhones: Complete Device Takeover Risk
Up to 270 million iPhones are vulnerable to Russian DarkSword spyware. Learn how this zero-click exploit steals data and how to protect your device now.