My Courses
-
CVE-2025-8088 – WinRAR path traversal vulnerability exploited to run malicious software
A zero-day vulnerability in WinRAR, tracked as CVE-2025-8088, poses significant risks to users of the popular file archiving tool. This path traversal flaw affects the…
-
EncryptHub using Brave Support Platform to weaponise MMC vulnerability
The cyberthreat landscape is increasingly complex as malicious actors refine their attack strategies, with the EncryptHub threat group, also known as LARVA-208 and Water Gamayun,…
-
Brivo’s Visitor Management system, enhanced by Envoy, enhances security at the front desk.
Brivo has announced a strategic partnership with Envoy, integrating Envoy’s workplace platform into the Brivo Security Suite. This collaboration merges workplace experience with physical security,…
-
Hacked police and government emails for sale: $40 ono
Active police and government email accounts are being sold on the dark web for as little as $40, providing cybercriminals with direct access to systems…
-
How ShinyHunters Infiltrated Google, Adidas, Louis Vuitton, and Other Brands
The cybersecurity landscape experienced a sophisticated and ongoing attack campaign throughout 2025, successfully compromising major corporations such as Google, Adidas, and Louis Vuitton, among others….
-
SmartLoader malware spread through GitHub repositories
Cybersecurity researchers have identified a sophisticated malware distribution campaign that exploits GitHub repositories, masquerading as legitimate software projects. The SmartLoader malware has been strategically deployed…
-
Cybercriminals using CrossC2 to extend Cobalt Strike beacons to Linux and macOS
Japan’s CERT Coordination Centre (JPCERT/CC) reported on Thursday that it observed incidents involving a command-and-control (C2) framework known as CrossC2. This framework is designed to…
-
Weaknesses in the Xerox Print Orchestration Product allow remote code execution
Xerox has addressed critical security vulnerabilities in its FreeFlow Core, specifically Path Traversal and XML External Entity (XXE) injection flaws that could allow unauthenticated remote…
-
Canadian House of Commons targeted by SharePoint Toolshell cyberattack
A cyberattack targeted the Canadian House of Commons on August 9, 2025, when threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorised access…
-
Apache Tomcat vulnerabilities allow Denial of Service (DoS) attacks
A critical security vulnerability has been discovered in Apache Tomcat’s HTTP/2 implementation, enabling attackers to launch severe denial-of-service (DoS) attacks against web servers. This vulnerability,…
