Cybersecurity Articles

52/68 Thursday, February 6, 2025 AMD has released a patch to address CVE-2024-56161 (CVSS score: 7.2), a vulnerability discovered by researchers from Google. This flaw allowed attackers with administrative privileges to load malicious microcode into the CPU, impacting Secure Encrypted Virtualization (SEV) technology, which protects virtual machine (VM) memory from unauthorized access. The vulnerability stemmed […]

51/68 Thursday, February 6, 2025 Netgear has disclosed two critical vulnerabilities affecting multiple WiFi router models. These vulnerabilities, identified as PSV-2023-0039 and PSV-2021-0117, have prompted the company to urge customers to update their firmware immediately to mitigate security risks. The vulnerabilities include a Remote Code Execution (RCE) flaw and an Authentication Bypass issue, both of […]

50/68 Wednesday, February 5, 2025 Google has released the February 2025 Android security update, addressing 48 vulnerabilities, including the actively exploited Zero-Day CVE-2024-53104. This vulnerability is a privilege escalation flaw in the Kernel’s USB Video Class (UVC) driver, allowing attackers to gain elevated system privileges. The issue stems from improper handling of UVC_VS_UNDEFINED frames, potentially […]

49/68 Wednesday, February 5, 2025 Microsoft has announced that it will discontinue the VPN privacy protection feature in the Microsoft Defender app by February 28, 2025. The company cited low usage as the primary reason and stated that it aims to reallocate resources toward developing features that better align with customer needs. The VPN feature […]

48/68 Tuesday, February 4, 2025 U.S. and Dutch authorities have seized 39 domains and servers associated with the HeartSender cybercrime group, which operates out of Pakistan. The group, also known as Saim Raza and Manipulators Team, has been selling phishing tools and malware to cybercriminals since 2020, causing over $3 million in damages in the […]

47/68 Tuesday, February 4, 2025 Social engineering is a tactic that exploits human psychological weaknesses to gain access to sensitive information or systems, often without requiring sophisticated technical skills. Instead, it manipulates emotions such as trust, fear, or respect for authority. The rise of artificial intelligence (AI) has transformed the landscape of social engineering attacks, […]

46/68 Monday, February 3, 2025 Tata Technologies, a subsidiary of Tata Motors specializing in product engineering services for automotive, aerospace, and industrial equipment manufacturers, has confirmed that it was targeted by a ransomware attack. The incident affected parts of its IT infrastructure, prompting the company to take preventive measures, including temporarily suspending certain IT services. […]

45/68 Monday, February 3, 2025 Google has released its latest report revealing that Advanced Persistent Threat (APT) groups, or state-sponsored hacker groups from multiple countries, are experimenting with Gemini, Google’s AI assistant, to enhance their cyber operations. These groups are not using AI for direct attacks but rather as a tool to assist in code […]

44/68 Friday, January 31, 2025 A Critical Vulnerability has been discovered in the Cacti Framework, an open-source platform for network monitoring and fault management. This vulnerability, identified as CVE-2025-22604, could allow an authenticated attacker to perform Remote Code Execution (RCE) on affected servers. It has been assigned a CVSS score of 9.1 and originates from […]

43/68 Friday, January 31, 2025 Cybersecurity researchers have issued a warning about a critical zero-day vulnerability affecting Zyxel CPE Series devices, which are currently under heavy attack. The vulnerability, identified as CVE-2024-40891, is an unpatched command injection flaw that could allow attackers to execute arbitrary commands on affected devices. This could lead to system breaches, […]