A urgent guidance on July 19, 2025, warning of active attacks targeting on-premises SharePoint servers by Chinese nation-state actors exploiting critical vulnerabilities CVE-2025-53770 and CVE-2025-53771.
The company has observed multiple threat groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, conducting sophisticated attacks against internet-facing...
A critical vulnerability in PHP's PDO (PHP Data Objects) library has been discovered that allows attackers to perform SQL injection attacks even when applications use prepared statements and proper escaping techniques.
Security researcher hashkitten revealed this technique during the DownUnderCTF competition, demonstrating how PDO's...
A sophisticated new SS7 bypass attack that enables surveillance companies to circumvent mobile network security defenses and illegally track user locations.
The attack exploits a little-known encoding technique in the SS7 protocol's TCAP layer, effectively hiding subscriber identity information from security systems designed to...
Indian cryptocurrency exchange CoinDCX confirmed a major security breach on Saturday (July 19, 2025) that resulted in hackers stealing $44 million from the platform.
Co-founder Sumit Gupta acknowledged the attack while reassuring users that customer funds remain secure and trading operations continue normally.
The cyberattack...
A configuration vulnerability in Microsoft's AppLocker security feature that could potentially allow certain applications to bypass system restrictions.
The discovery centers around a seemingly minor numerical discrepancy in Microsoft's official documentation that creates an exploitable gap in the application control system, though the researchers...
A critical security vulnerability has been discovered in Livewire v3, a popular full-stack framework for Laravel that enables developers to build dynamic user interfaces without extensive JavaScript knowledge.
The vulnerability, designated as CVE-2025-54068 and tracked as GHSA-29cq-5w36-x7w3, allows unauthenticated attackers to achieve remote command...