Security

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency, has added a newly identified vulnerability in Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog after confirming that the flaw is being actively abused by attackers. The issue, tracked as CVE-2025-47813 with a CVSS score of 4.3, allows attackers to obtain […]

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths Read More »

Android 17 Restricts Accessibility API Access to Stop Malware Abuse

Google is currently testing a new security control in Android 17 that prevents certain applications from accessing the system’s Accessibility Services API. The feature is being introduced as part of Android Advanced Protection Mode (AAPM), a security setting designed to protect users from advanced cyber threats. The change appeared in Android 17 Beta 2, according

Android 17 Restricts Accessibility API Access to Stop Malware Abuse Read More »

instagram logo

Meta to End Instagram End-to-End Encrypted Chat Support Starting May 2026

Meta has announced it will discontinue support for end-to-end encryption (E2EE) for Instagram direct messages after May 8, 2026. Users affected by this change will be guided on how to download media and messages they wish to keep. Updating to the latest Instagram version may be required for this process. Reason Behind the Decision Meta explained that few users opted into

Meta to End Instagram End-to-End Encrypted Chat Support Starting May 2026 Read More »

Interpol in cyber criminal

INTERPOL Dismantles 45,000 Malicious IPs and Arrests 94 Suspects in Global Cybercrime Operation

INTERPOL has announced the dismantling of 45,000 malicious IP addresses and servers used in phishing, malware, and ransomware operations. The international law enforcement effort aimed to disrupt criminal networks, neutralize emerging threats, and protect victims from online scams. The operation involved 72 countries and territories, resulting in the arrest of 94 individuals, with another 110 under investigation. Authorities seized 212

INTERPOL Dismantles 45,000 Malicious IPs and Arrests 94 Suspects in Global Cybercrime Operation Read More »

Linux-AppArmor

Nine CrackArmor Vulnerabilities in Linux AppArmor Allow Root Privilege Escalation and Container Isolation Bypass

Cybersecurity researchers have uncovered a group of critical security weaknesses in the Linux kernel’s AppArmor Linux security module that could allow attackers with limited privileges to bypass system protections, gain root access, and weaken container isolation mechanisms. The collection of nine vulnerabilities has been collectively named CrackArmor vulnerabilities by the Qualys Threat Research Unit (TRU).

Nine CrackArmor Vulnerabilities in Linux AppArmor Allow Root Privilege Escalation and Container Isolation Bypass Read More »

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have revealed details about multiple serious vulnerabilities in the n8n workflow automation platform, including two critical flaws that could allow attackers to execute arbitrary commands on affected systems. The vulnerabilities have already been patched, but security experts warn that systems running older versions may remain vulnerable. Key Vulnerabilities Identified Researchers identified two major security

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials Read More »

CISA Known Exploited Vulnerabilities Catalog logo

CISA Warns of Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added three newly identified security vulnerabilities affecting SolarWinds, Ivanti, and Omnissa products to its Known Exploited Vulnerabilities (KEV) catalog after confirming that attackers are actively exploiting them. The KEV catalog is maintained by CISA to highlight vulnerabilities that are currently being used in real world cyber attacks, allowing organizations to prioritize patching

CISA Warns of Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One Read More »

Hikvision

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added two high severity vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence that the flaws are being actively exploited. Both vulnerabilities carry a CVSS score of 9.8, indicating a critical level of risk for affected systems. Vulnerability Affecting Hikvision Devices The first vulnerability, tracked as CVE-2017-7921,

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog Read More »

Europol flow chat

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials

International law enforcement agencies have successfully dismantled LeakBase, a notorious online marketplace widely used by cybercriminals to trade stolen credentials and hacking resources. The coordinated crackdown was led by the Federal Bureau of Investigation and Europol as part of a multinational cybercrime investigation. Authorities confirmed that the website leakbase[.]la has been seized. Visitors attempting to access the platform now encounter an official

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials Read More »

CISA Includes Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 in KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added a newly disclosed VMware vulnerability to its Known Exploited Vulnerabilities catalog after reports indicated real world abuse. The flaw, tracked as CVE-2026-22719, affects Broadcom VMware Aria Operations and carries a CVSS score of 8.1, classifying it as high severity. Command Injection Risk Enables Remote Code Execution According to

CISA Includes Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 in KEV Catalog Read More »