Skip to content
network security

network security

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

May 22, 2025Ravie LakshmananCybersecurity / Vulnerability A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). “The attack exploits the… 

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

May 22, 2025Ravie LakshmananEnterprise Security / Malware A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of… 

Identity Security Has an Automation Problem—And It’s Bigger Than You Think

Identity Security Has an Automation Problem—And It’s Bigger Than You Think

May 22, 2025The Hacker NewsEnterprise Security / Identity Management For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500… 

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

May 21, 2025Ravie LakshmananMalware / Windows Security Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began… 

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

May 21, 2025Ravie LakshmananMalware / Artificial Intelligence Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of… 

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

May 21, 2025Ravie LakshmananMobile Security / Browser Security Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA)… 

Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

May 21, 2025Ravie LakshmananData Breach / Account Security Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when it detects the credentials to…