A critical security vulnerability has been identified in Elastic's Kibana platform that enables attackers to execute heap corruption and potentially achieve remote code execution through specially crafted HTML pages.
The vulnerability, designated as CVE-2025-2135 and detailed in Elastic Security Advisory ESA-2025-09, affects a wide...
The sophistication of cyberattacks continues to climb, with threat actors now leveraging something as innocuous as academic research papers to infect unsuspecting victims.
The recent discovery by AhnLab Security Intelligence Center (ASEC) highlights a new campaign by the notorious Kimsuky group, which has been targeting...
A sophisticated cyberattack campaign targeting German-speaking users has been discovered, exploiting fake CAPTCHA verification prompts to deploy a fileless variant of AsyncRAT.
The malware operates entirely in memory, evading traditional detection methods while enabling full remote access to compromised systems.
Cyber Kill Chain
Fake CAPTCHA Triggers...
In April 2025, East Asia witnessed an alarming spike in sophisticated cyberattacks, primarily orchestrated by the notorious Kimsuky and Konni advanced persistent threat (APT) groups.
According to recent findings from Fuying Lab’s global threat hunting system, the East Asian region has become a prime...
A severe security vulnerability has been discovered in CentOS Web Panel (CWP), a widely-used free web hosting control panel that manages over 200,000 server instances worldwide.
The vulnerability, designated as CVE-2025-48703, allows unauthenticated attackers to execute arbitrary commands remotely on affected servers, posing a...
The Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on June 24, 2025, addressing critical security vulnerabilities across multiple industrial platforms.
These advisories encompass seven newly identified security issues and one significant update to a previously disclosed vulnerability,...