Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Security

Critical Zero-Day Vulnerability Grants Root Access to Wing FTP Servers Worldwide

A critical null-byte injection vulnerability in Wing FTP Server has been discovered that allows attackers to gain complete root access to affected sy…

CitrixBleed 2 Vulnerability Now Under Active Attack Worldwide

A critical new vulnerability dubbed " CitrixBleed 2 " is being actively exploited by cybercriminals, marking a dangerous return of sessio…

BreachForums Administrators Arrested - French Police Dismantled Cybercrime's Underground Empire

Global cybercrime marketplace suffers devastating blow as French authorities capture the masterminds behind the world's largest stolen data tradi…

CoinTelegraph Allegedly Hacked as Fake Crypto Airdrop Scam Targets Users

Major cryptocurrency news outlet Cointelegraph allegedly fell victim to a sophisticated website compromise, with attackers injecting malicious pop-up…

CoinMarketCap Hacked, Fake Pop-Ups Drain User Wallets

A major security breach at CoinMarketCap, a top cryptocurrency data platform, has exposed millions of users to a wallet-draining scam, raising fresh …

16 Billion Passwords Leaked in Largest Data Breach Ever—That's Two Accounts for Every Human Alive

A staggering 16 billion login credentials have been exposed in what security researchers are calling one of the largest data breaches in history, rep…

Russian Hackers Perfect New Social Engineering Attack That Bypasses MFA

Russian government-linked hackers have developed a sophisticated new social engineering technique that successfully bypasses multi-factor authenticat…

TokenBreak Attack - Single Character Bypass Defeats LLM Safety Guardrails

A single character change can now completely bypass the safety systems of major AI platforms like ChatGPT, Claude, and Gemini.  Security researchers …

GerriScary - A Supply Chain Vulnerability Compromises 18 Google Projects

Security researchers at Tenable Cloud Research have disclosed a significant supply chain vulnerability dubbed " GerriScary " that exposed a…

Five Critical Security Vulnerabilities Disclosed in Widely-Used libxml2 Library

The maintainers of libxml2, a fundamental XML parsing library used across countless software applications, have disclosed five serious security vulne…

Critical Flaw in ZendTo File Transfer App Exposes User Data Across Organizations

Security researchers have uncovered a serious path traversal vulnerability in ZendTo , a widely used file-sharing platform trusted by universities, …

Apple's macOS Tahoe Faces Early Security Challenge with LPE Vulnerability Discovery

Just four days after Apple announced macOS Tahoe at WWDC 2025, security researcher Csaba Fitzl has uncovered a local privilege escalation (LPE) vulne…

CISA Warns of Ransomware Attacks Targeting SimpleHelp RMM Software

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning organizations about ongoing ransomware attacks expl…

Zero-Click Spyware Attacks Compromised iOS Devices Through iMessage Vulnerability

Security researchers have obtained the first forensic confirmation that Paragon Solutions' Graphite spyware successfully infiltrated iOS devices …

EchoLeak - Zero-Click AI Vulnerability Discovered in Microsoft 365 Copilot

Security researchers at Aim Labs have uncovered a sophisticated zero-click vulnerability dubbed " EchoLeak " that enables attackers to auto…

Stealth Falcon Exploits Zero-Day CVE-2025-33053 Against Middle East Defense Targets

Check Point Research has uncovered a sophisticated cyber espionage campaign orchestrated by the Stealth Falcon APT group, which exploited a previousl…

Researchers Expose Critical Secure Boot Vulnerabilities Affecting Millions of UEFI Systems

Security researchers have uncovered two significant vulnerabilities that can completely bypass Secure Boot protections on UEFI-compatible systems, po…

Critical Signature Verification Flaw Discovered in OpenPGP.js Library

A critical vulnerability in the widely used OpenPGP.js library has been discovered that allows attackers to spoof message signatures, potentially com…

AT&T Data Breach Exposes 86 Million Customer Records

Cyber crooks have leaked the AT&T database, which was reportedly stolen by the ShinyHunters group in April 2024 after they exploited major securi…

Major Data Breach Exposes 3.6 Million Records from App-Building Platform

A security researcher has disclosed a non-password protected database linked to an app-building platform designed for creators, coaches, influencers,…