Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Security

Researcher Uncovers AWS S3 Ransomware Vulnerabilities

Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services ( AWS ) S3 storage systems that could a…

Signature Verification Bypass Discovered in Nuclei Vulnerability Scanner

Security researchers at Wiz have uncovered a significant vulnerability in Nuclei, a widely-used open-source security scanning tool, that could allow …

LDAPNightmare - Windows Server LDAP Vulnerability Exploit Released

SafeBreach Labs researchers have published the first proof-of-concept exploit for CVE-2024-49113, a critical vulnerability affecting Windows Server s…

Alleged 7-Zip Zero-Day Vulnerability Claims Disputed by Developer

A recent claim of a zero-day vulnerability in the popular file compression software 7-Zip has been disputed by the program's developer, raising q…

Chinese State Hackers Breach Ninth US Telecom in Extensive Campaign

The White House has confirmed that a ninth US telecommunications company has fallen victim to the " Salt Typhoon " cyber-espionage campaign…

Apache Patches Critical Remote Code Execution Vulnerability in Tomcat

The Apache Software Foundation has issued an urgent security advisory regarding a critical remote code execution (RCE) vulnerability in Apache Tomcat…

6 Cloud Security Best Practices To Avoid Digital Blindspots

Cloud-based technologies provide consumers and organizations a flexible, cost-effective solution to share, optimize, and scale digital activities. Ho…

Vulnerability in Spring Boot Actuator Exposes Cloud Environments

A new research report from Wiz Threat Research has uncovered widespread security risks in Spring Boot Actuator implementations, affecting numerous cl…

New Android Spyware Operation Exploits Qualcomm Driver Vulnerabilities in Serbia

A new investigation by Amnesty International has revealed a sophisticated surveillance operation in Serbia that combined multiple spyware tools to ta…

Cisco Source Code Allegedly Leaked Through DevHub Exposure

In October, IntelBroker claimed to have gained access to Cisco's systems, stealing large amounts of data belonging to the company and its custome…

Microsoft Patched Azure MFA Bypass Vulnerability - AuthQuake

Oasis Security's research team has uncovered and helped resolve a significant vulnerability in Microsoft's Multi-Factor Authentication (MFA) …

What's in Google's Cybersecurity Forecast for 2025?

As we advance further into the digital age, the cybersecurity landscape continues to evolve at an unprecedented pace. Google has released its cyberse…

Top Cybersecurity Threats in 2025 and How to Protect Against Them

The digital environment is dynamic, and so is the case for cybersecurity threats. With the growing usage of the internet and web applications by busi…

Critical 7-Zip Vulnerability Could Allow Remote Code Execution Through Malicious Archives

A critical security vulnerability has been discovered in 7-Zip, the popular file compression utility, potentially allowing attackers to execute malic…

Android and Google Pixel Security Vulnerabilities Disclosed

Security researchers have uncovered and disclosed seven significant vulnerabilities affecting Android and Google Pixel devices, highlighting ongoing …

T-Mobile Hacked in Broader Chinese Cyber-Espionage Campaign

T-Mobile has been identified as one of several telecommunications companies affected by a sophisticated Chinese cyber-espionage operation, according …

Critical Vulnerability in Arc Browser's Legacy Boost Feature Patched

A security researcher identified a significant vulnerability in the Arc browser that could have allowed attackers to gain write access to a user'…

Citrix Patches Unauthenticated RCE Flaw in Virtual Apps and Desktops

Citrix has released security updates to address two vulnerabilities in its Virtual Apps and Desktops Session Recording feature that could allow attac…

MOVEit Hack - Amazon, McDonald’s, HSBC, HP and Many Employee Data Leak

A significant data breach stemming from a vulnerability in MOVEit file transfer software has resulted in the exposure of over 5 million employe…

Security Researchers Unveils 0ktapus Phishing Techniques

Security researchers at Wiz have published a detailed technical analysis revealing how the notorious threat actor 0ktapus (aka Scattered Spider, UNC3…