Latest News

Stay updated with the latest cybersecurity news, Linux, tech,threat intelligence, and security research from around the world

Win-DDoS Flaws Turn Domain Controllers into Botnets

SafeBreach researchers have unveiled 'Win-DDoS,' a novel attack that turns public domain controllers into a powerful DDoS botnet. This method exploits RPC and LDAP flaws to amplify traffic without credentials or code execution, manipulating the LDAP URL referral process to redirect thousands of DCs to a victim's server. What makes this technique dangerous is its stealth and efficiency; it requires no purchased infrastructure and leaves no traceable footprint, turning the Windows platform itself into both a weapon and a victim.

11/08/2025 · Cybersecurity

Linux Kernel 6.17 RC1 Released by Linus Torvalds

Linus Torvalds has officially released the first release candidate for Linux Kernel 6.17. Discover the key changes, including initial support for new hardware, file system improvements, and crucial security enhancements. Get the details and find out why Torvalds called this merge window 'surprisingly calm.' This is a must-read for developers and enthusiasts eager to test the latest kernel and understand its impact on system stability and cybersecurity.

10/08/2025 · Cybersecurity

Debian 13 Trixie Released What You Need to Know

The much-anticipated Debian 13 'Trixie' has officially been released, marking a significant milestone for one of the world's most stable and secure operating systems. This new version takes over from 'Bookworm,' bringing a host of critical updates for security professionals, developers, and system administrators alike. Key enhancements include the leap to Linux Kernel 6.9, which offers massively improved hardware support and performance. From a security perspective, Trixie is a game-changer, with position-independent executables (PIE) now enabled by default across all packages and an updated cryptographic library in OpenSSL 3.3. This release continues Debian's legacy of delivering rock-solid reliability, now with a significantly hardened security posture right out of the box. Whether you manage servers or use Debian on your workstation, Trixie is a compelling and necessary upgrade.

09/08/2025 · Cybersecurity

PeaZip 10.6 Enhances Archive Handling and Speed

The latest PeaZip 10.6 release is here, delivering significant performance upgrades for power users and cybersecurity professionals. Headlining this update is the new 'Dynamic Virtual Mode,' a game-changing feature designed to streamline interactions with large archives. Instead of fully extracting files to a temporary directory, this mode allows for on-the-fly access, dramatically speeding up the process of opening individual files. Additionally, the archive pre-parsing mechanism has been heavily optimized, providing near-instant previews of archive contents, even for complex or large files. This is a massive quality-of-life improvement for anyone who needs to quickly inspect compressed files like ZIP, RAR, or TAR. The update also includes enhanced support for ZPAQ formats and various stability fixes, reinforcing PeaZip's position as a top-tier, free, and open-source file archiver. This version is a must-have for efficient and secure file management.

09/08/2025 · Software

Brazil Hit by AI Phishing and Efimer Crypto Trojan

Cybersecurity researchers are sounding the alarm on a dual-pronged threat targeting Brazil. In one campaign, threat actors are leveraging legitimate generative AI tools to create highly convincing phishing pages of Brazilian government agencies to trick users into making payments. These fraudulent sites are boosted with SEO poisoning to appear in top search results. Simultaneously, a separate malspam campaign is distributing the Efimer trojan, a potent malware designed to steal cryptocurrency, which has already impacted over 5,000 users.

08/08/2025 · Cybersecurity News

ECScape Flaw in Amazon ECS Allows Credential Theft

Researchers discovered the ECScape flaw in Amazon ECS, enabling cross-task credential theft and privilege escalation. Learn how it works and how to mitigate it.

07/08/2025 · Cloud Security

Trend Micro Apex One Flaws Actively Exploited

Trend Micro has confirmed that critical vulnerabilities in its on-premise Apex One security solution are being actively exploited in the wild. The flaws, tracked as CVE-2025-54948 and CVE-2025-54987, both carry a severe 9.4 CVSS score and can lead to remote code execution (RCE). While Trend Micro has patched its cloud offering, on-premise customers must apply a temporary fix tool immediately to protect against these threats, with a full patch expected in mid-August 2025. System administrators are urged to apply the fix and review remote access policies.

06/08/2025 · Vulnerability

ClickFix Malware Uses Fake CAPTCHAs for Infections

A sophisticated blend of propagation methods, clever narratives, and advanced evasion techniques has fueled the rise of the social engineering tactic known as ClickFix over the past year, according to new research from Guardio Labs. Security researcher Shaked Chen notes that this new strain has rapidly outpaced the infamous fake browser update scam. 'Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web just last year,' Chen stated. 'It did so by removing the need for file downloads, using smarter social engineering tactics, and spreading through trusted infrastructure.' The result is a widespread wave of infections, ranging from mass drive-by attacks to highly targeted spear-phishing campaigns. First detected in early 2024, ClickFix deceives targets into compromising their own systems under the guise of fixing a fake problem or completing a CAPTCHA verification, leading to cross-platform infections on both Windows and macOS.

05/08/2025 · Cybersecurity

Google Patches Two Actively Exploited Qualcomm Zero-Days

Google's August 2025 Android update patches two actively exploited Qualcomm zero-day vulnerabilities. Learn about CVE-2025-21479 and CVE-2025-27038 and why you must update your device now.

05/08/2025 · Vulnerability

Newer posts

Older posts