Reza Rafati
-
Bugcrowd Buys Mayhem Security for AI Hacking
Bugcrowd acquires Mayhem Security, an AI and cyber scaleup. This merger boosts ethical hacking with AI-powered testing. Mayhem’s AI platform offers continuous security testing. The collaboration aims to shrink attack surfaces and pre-empt risks.
-
Sanctions Hit Russia’s Bulletproof Hosting Provider
U.S., UK, and Australia sanction Russia-based Media Land for providing bulletproof hosting to ransomware groups like LockBit, BlackSuit, and Play, freezing assets and prohibiting transactions.
-
Grafana Patches Critical SCIM Flaw
Grafana has patched a critical security flaw, CVE-2025-41115, in its SCIM component. This vulnerability could lead to user impersonation or privilege escalation in affected Grafana Enterprise versions. Users are advised to update immediately.
-
France Delivers SAMP/T Air Defense to Ukraine
France to boost Ukraine’s air defense with eight advanced SAMP/T NG systems, equipped with Aster 30 Block 1 NT missiles to counter ballistic and hypersonic threats.
-
CVE-2025-8855: 2FA Bypass in Brokerage Automation
CVE-2025-8855 is a critical 2FA bypass vulnerability in Optimus Software’s Brokerage Automation platform. It combines authorization bypass, weak password recovery, and authentication bypass flaws, leading to high-severity risks and unauthorized access.
-
PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens
PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.
-
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases
Safery is a malicious Chrome wallet extension that hides stolen Ethereum seed phrases inside Sui micro-transactions; defenders should monitor unexpected browser RPC calls and on-chain writes during wallet import.
-
Cisco RCE Vulnerability Affects Security Appliances
Cisco has identified a critical RCE vulnerability, CVE-2024-20353, affecting its Secure Web Appliance and Secure Email Gateway products. Immediate updates are urged.
-
Cisco Firepower Firewalls: Next-Gen Protection and Critical Vulnerabilities
This article examines Cisco Firepower Firewalls, detailing their next-generation protection capabilities and critical vulnerabilities. It highlights the importance of timely updates as warned by CISA for effective cybersecurity.
-
What is Rhadamanthys Infostealer?
Rhadamanthys Infostealer compromises digital security by illicitly acquiring sensitive user data. This sophisticated malicious software operates as a Malware-as-a-Service (MaaS), posing a significant threat to individuals and organizations. It facilitates widespread credential theft and financial exploitation. This report examines Rhadamanthys’ operational mechanisms, its propagation methods, and the broader implications of its activities, including recent efforts…