As browser extensions become an integral part of our daily web experience, new research highlights a concerning surge in malicious add-ons targeting Firefox users.
In recent findings, security analysts have identified at least eight Firefox extensions masquerading as gaming apps or productivity tools that...
At the 2025 Malaysia National Cyber Defense and Security Exhibition, cybersecurity research organization Qian Pangu unveiled the results of a year-long investigation into a shadowy advanced persistent threat (APT) group dubbed "NightEagle" (internal code: APT-Q-95).
The group is linked to highly sophisticated cyber espionage...
A new security vulnerability in Windows BitLocker that could allow attackers to bypass the encryption software's security features through a physical attack.
The vulnerability, designated CVE-2025-48818, was released on July 8, 2025, and has been classified as "Important" severity by Microsoft, with a CVSS...
Splunk has released a comprehensive security advisory addressing multiple critical vulnerabilities in third-party packages within SOAR versions 6.4.0 and 6.4.1.
The advisory, published on July 7, 2025, identifies significant security vulnerabilities across various components including git, Django, cryptography libraries, and JavaScript frameworks that could...
Splunk has released critical security updates addressing multiple vulnerabilities in third-party packages across Enterprise versions 9.4.3, 9.3.5, 9.2.7, and 9.1.10, with severity ratings ranging from informational to critical.
The advisory, published on July 7, 2025, under Advisory ID SVD-2025-0710, encompasses fixes for numerous Common...
Fortinet has disclosed a critical SQL injection vulnerability affecting multiple versions of FortiWeb, their web application firewall solution.
The security vulnerability, classified as CWE-89, enables unauthenticated attackers to execute unauthorized SQL commands through specially crafted HTTP and HTTPS requests, potentially compromising entire database systems...