Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Security
Researchers Expose Critical Secure Boot Vulnerabilities Affecting Millions of UEFI Systems

Researchers Expose Critical Secure Boot Vulnerabilities Affecting Millions of UEFI Systems

Security researchers have uncovered two significant vulnerabilities that can completely bypass Secure Boot protections on UEFI-compatible systems, po…
Critical Signature Verification Flaw Discovered in OpenPGP.js Library

Critical Signature Verification Flaw Discovered in OpenPGP.js Library

A critical vulnerability in the widely used OpenPGP.js library has been discovered that allows attackers to spoof message signatures, potentially com…
AT&T Data Breach Exposes 86 Million Customer Records

AT&T Data Breach Exposes 86 Million Customer Records

Cyber crooks have leaked the AT&T database, which was reportedly stolen by the ShinyHunters group in April 2024 after they exploited major securi…
Major Data Breach Exposes 3.6 Million Records from App-Building Platform

Major Data Breach Exposes 3.6 Million Records from App-Building Platform

A security researcher has disclosed a non-password protected database linked to an app-building platform designed for creators, coaches, influencers,…
Cybercriminals Exploit Salesforce Accounts Through Voice Phishing to Steal Corporate Information

Cybercriminals Exploit Salesforce Accounts Through Voice Phishing to Steal Corporate Information

Google Threat Intelligence Group has identified a financially motivated cybercrime operation that has successfully compromised multiple organisations…
Critical GPU Flaws Disclosed by Qualcomm and ARM Impact Billions of Mobile Devices

Critical GPU Flaws Disclosed by Qualcomm and ARM Impact Billions of Mobile Devices

Major semiconductor companies Qualcomm and ARM have simultaneously released urgent security bulletins addressing critical vulnerabilities in their gr…
10-Year-Old Vulnerability Discovered in Roundcube Webmail Affects Millions of Hosts

10-Year-Old Vulnerability Discovered in Roundcube Webmail Affects Millions of Hosts

A critical security vulnerability that remained hidden for nearly a decade has been discovered in Roundcube Webmail, potentially affecting over 53 mi…
Critical Microsoft Scripting Engine Zero-Day Exploited in Wild, PoC Now Public

Critical Microsoft Scripting Engine Zero-Day Exploited in Wild, PoC Now Public

Microsoft, in its May 2025 patch Tuesday update, addressed 72 vulnerabilities, including five zero-days. One zero-day vulnerability in its Scripting …
Deloitte's GitHub Credentials and Source Code Allegedly Exposed in Dark Web Leak

Deloitte's GitHub Credentials and Source Code Allegedly Exposed in Dark Web Leak

Global consulting giant Deloitte is confronting new cybersecurity allegations after a threat actor claiming the alias "303" reportedly post…
Critical RCE Flaw Discovered in D-Tale Data Visualization Tool

Critical RCE Flaw Discovered in D-Tale Data Visualization Tool

A critical security vulnerability has been discovered in D-Tale, a popular data visualization tool, allowing attackers to execute arbitrary system c…
Massive Data Breach Exposes 184 Million Login Credentials Across Major Platforms

Massive Data Breach Exposes 184 Million Login Credentials Across Major Platforms

A cybersecurity researcher has uncovered one of the largest data breaches in recent memory, exposing over 184 million unique login credentials for ma…
Self-Spreading Dero Mining Malware Targets Docker Containers in Zombie-Like Campaign

Self-Spreading Dero Mining Malware Targets Docker Containers in Zombie-Like Campaign

Cybersecurity researchers at Kaspersky have uncovered a sophisticated malware campaign that spreads through containerized environments like a digital…
Microsoft Exposes New Russian Cyber Espionage Group Targeting NATO Allies

Microsoft Exposes New Russian Cyber Espionage Group Targeting NATO Allies

Microsoft Threat Intelligence has identified a sophisticated new Russian-affiliated threat actor called Void Blizzard , also known as LAUNDRY BEAR , …
Global Takedown Disrupts LummaC2 Information-Stealing Malware Operation

Global Takedown Disrupts LummaC2 Information-Stealing Malware Operation

Coordinated effort by Microsoft, DOJ, and international partners dismantles infrastructure behind malware that infected nearly 400,000 computers worl…
Critical VM Escape Vulnerability Discovered in Oracle VirtualBox

Critical VM Escape Vulnerability Discovered in Oracle VirtualBox

Security researchers from Google's Security Research team have disclosed a high-severity vulnerability in Oracle's VirtualBox virtualization …
Google Unveils New Android Security and Privacy Features for 2025

Google Unveils New Android Security and Privacy Features for 2025

Google has announced a comprehensive suite of new security and privacy features for Android devices in 2025, focusing on protecting users from sophis…
Coinbase Data Breach: Customer Information Stolen Through Insider Access

Coinbase Data Breach: Customer Information Stolen Through Insider Access

Cryptocurrency exchange giant Coinbase has disclosed a significant data breach involving customer information, according to a Form 8-K filing with th…
Ivanti EPMM Under Attack: Critical RCE Flaws Actively Exploited

Ivanti EPMM Under Attack: Critical RCE Flaws Actively Exploited

Security researchers at watchTowr have published their analysis of two critical vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM) soluti…
Critical Security Vulnerabilities Impacting Core Microsoft Cloud Services

Critical Security Vulnerabilities Impacting Core Microsoft Cloud Services

Microsoft has confirmed the discovery of four critical security vulnerabilities affecting its core cloud services, with one reaching the maximum poss…
Chinese Android Apps Found Using Insecure Encryption, Study Reveals

Chinese Android Apps Found Using Insecure Encryption, Study Reveals

A new study from researchers at the Citizen Lab and Princeton University has exposed a troubling trend in the network security of Android apps, parti…