Blogs - Code Defence

ShadowPad Malware Exploits WSUS Flaw (CVE-2025-59287) for Mass Infection

Threat actors are actively exploiting a recently patched critical vulnerability in Microsoft Windows Server Update Services (WSUS) to distribute the […]

ShadowPad Malware Exploits WSUS Flaw (CVE-2025-59287) for Mass Infection Read More »

Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation

Leave a Comment / News / Code Defence

A critical authentication bypass vulnerability (CVE-2025-49752) has been disclosed in Microsoft Azure Bastion. The flaw allows remote attackers to bypass

Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation Read More »

Major US Banks Exposed in SitusAMC Vendor Breach

Leave a Comment / News / Code Defence

Client data from major US financial institutions, including JPMorgan Chase, Citi, and Morgan Stanley, may have been exposed following a

Major US Banks Exposed in SitusAMC Vendor Breach Read More »

Iberia Airlines Confirms Customer Data Breach via Third-Party Vendor

Leave a Comment / News / Code Defence

Spanish flag carrier Iberia has notified customers of a data breach stemming from a compromise at a third-party supplier. The

Iberia Airlines Confirms Customer Data Breach via Third-Party Vendor Read More »

Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation

Leave a Comment / Uncategorized / Code Defence

A critical authentication bypass vulnerability (CVE-2025-49752) has been disclosed in Microsoft Azure Bastion. The flaw allows remote attackers to bypass

Critical Azure Bastion Flaw (CVE-2025-49752) Allows Admin Privilege Escalation Read More »

New “Matrix Push” C2 Uses Browser Notifications for Fileless Attacks

Leave a Comment / Uncategorized / Code Defence

Researchers have identified “Matrix Push,” a new Command and Control (C2) framework that abuses legitimate browser push notifications to execute

New “Matrix Push” C2 Uses Browser Notifications for Fileless Attacks Read More »

CrowdStrike Terminates Insider for Leaking Internal Data to Hackers

Leave a Comment / Uncategorized / Code Defence

Cybersecurity giant CrowdStrike has confirmed the termination of an employee who allegedly shared sensitive internal system details with a hacking

CrowdStrike Terminates Insider for Leaking Internal Data to Hackers Read More »

ShinyHunters Claims Breach of 200+ Companies via Salesforce Gainsight Integration

Leave a Comment / Uncategorized / Code Defence

The ShinyHunters hacking group claims to have compromised over 200 companies by exploiting a supply chain vulnerability in the “Gainsight”

ShinyHunters Claims Breach of 200+ Companies via Salesforce Gainsight Integration Read More »

CISA Adds Critical Oracle Identity Manager Flaw (CVE-2025-61757) to KEV

Leave a Comment / Uncategorized / Code Defence

CISA has added a critical vulnerability (CVE-2025-61757, CVSS 9.8) in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog.

CISA Adds Critical Oracle Identity Manager Flaw (CVE-2025-61757) to KEV Read More »

Active Exploitation of Microsoft Office Zero-Day RCE

Leave a Comment / Uncategorized / Code Defence

Security researchers have identified a critical Remote Code Execution (RCE) zero-day vulnerability in Microsoft Office that is being actively exploited

Active Exploitation of Microsoft Office Zero-Day RCE Read More »

Latest Cyber Security News