Major US Banks Exposed in SitusAMC Vendor Breach
Client data from major US financial institutions, including JPMorgan Chase, Citi, and Morgan Stanley, may have been exposed following a […]
Major US Banks Exposed in SitusAMC Vendor Breach Read More »
Iberia Airlines Confirms Customer Data Breach via Third-Party Vendor
Spanish flag carrier Iberia has notified customers of a data breach stemming from a compromise at a third-party supplier. The
Iberia Airlines Confirms Customer Data Breach via Third-Party Vendor Read More »
Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation
A critical authentication bypass vulnerability (CVE-2025-49752) has been disclosed in Microsoft Azure Bastion. The flaw allows remote attackers to bypass
Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation Read More »
New “Matrix Push” C2 Uses Browser Notifications for Fileless Attacks
Researchers have identified “Matrix Push,” a new Command and Control (C2) framework that abuses legitimate browser push notifications to execute
New “Matrix Push” C2 Uses Browser Notifications for Fileless Attacks Read More »
CrowdStrike Terminates Insider for Leaking Internal Data to Hackers
Cybersecurity giant CrowdStrike has confirmed the termination of an employee who allegedly shared sensitive internal system details with a hacking
CrowdStrike Terminates Insider for Leaking Internal Data to Hackers Read More »
ShinyHunters Claims Breach of 200+ Companies via Salesforce Gainsight Integration
The ShinyHunters hacking group claims to have compromised over 200 companies by exploiting a supply chain vulnerability in the “Gainsight”
ShinyHunters Claims Breach of 200+ Companies via Salesforce Gainsight Integration Read More »
CISA Adds Critical Oracle Identity Manager Flaw (CVE-2025-61757) to KEV
CISA has added a critical vulnerability (CVE-2025-61757, CVSS 9.8) in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog.
CISA Adds Critical Oracle Identity Manager Flaw (CVE-2025-61757) to KEV Read More »
Active Exploitation of Microsoft Office Zero-Day RCE
Security researchers have identified a critical Remote Code Execution (RCE) zero-day vulnerability in Microsoft Office that is being actively exploited
Active Exploitation of Microsoft Office Zero-Day RCE Read More »
Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Takeover
A critical authentication bypass vulnerability (CVE-2025-49752, CVSS 10.0) has been disclosed in Microsoft Azure Bastion. The flaw allows unauthenticated attackers
Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Takeover Read More »
Report: Deepfakes Now Drive 20% of All Biometric Fraud Attempts
A new 2026 Identity Fraud Report by Entrust reveals that AI-driven deepfakes are now responsible for one in five (20%)
Report: Deepfakes Now Drive 20% of All Biometric Fraud Attempts Read More »
