Reza Rafati
-
CVE-2025-8855: 2FA Bypass in Brokerage Automation
CVE-2025-8855 is a critical 2FA bypass vulnerability in Optimus Software’s Brokerage Automation platform. It combines authorization bypass, weak password recovery, and authentication bypass flaws, leading to high-severity risks and unauthorized…
·
·
3–4 minutes -
PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens
PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.
·
·
1–2 minutes -
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases
Safery is a malicious Chrome wallet extension that hides stolen Ethereum seed phrases inside Sui micro-transactions; defenders should monitor unexpected browser RPC calls and on-chain writes during wallet import.
·
·
1–2 minutes -
Cisco RCE Vulnerability Affects Security Appliances
Cisco has identified a critical RCE vulnerability, CVE-2024-20353, affecting its Secure Web Appliance and Secure Email Gateway products. Immediate updates are urged.
·
·
1–2 minutes -
Cisco Firepower Firewalls: Next-Gen Protection and Critical Vulnerabilities
This article examines Cisco Firepower Firewalls, detailing their next-generation protection capabilities and critical vulnerabilities. It highlights the importance of timely updates as warned by CISA for effective cybersecurity.
·
·
2–3 minutes -
What is Rhadamanthys Infostealer?
Rhadamanthys Infostealer compromises digital security by illicitly acquiring sensitive user data. This sophisticated malicious software operates as a Malware-as-a-Service (MaaS), posing a significant threat to individuals and organizations. It facilitates…
·
·
2–3 minutes -
What is CitrixBleed 2 (CVE-2025-5777)?
CitrixBleed 2 (CVE-2025-5777) is a critical information-disclosure vulnerability impacting NetScaler ADC and Gateway systems, allowing unauthorized attackers to bypass MFA, hijack admin sessions, and establish unauthorized VDE sessions. This zero-day…
·
·
2–4 minutes -
Global Fraud Rings Explained
Global fraud rings are highly organized, transnational criminal enterprises that use intricate networks and sophisticated tactics to illicitly acquire money, assets, or sensitive information from individuals, corporations, and national economies…
·
·
2–3 minutes -
Canada Imposes New Sanctions on Russian Drone and Energy Production
Canada has imposed new sanctions on Russia, targeting its drone and energy industries, and infrastructure implicated in cyberattacks against Ukraine. These measures escalate economic pressure aimed at curbing Russia’s ongoing…
·
·
1–2 minutes -
Russia’s Finance Ministry to Debut Yuan Bonds in December
Russia’s Finance Ministry will issue its first series of government bonds denominated in Chinese yuan next month, diversifying its borrowing portfolio and mitigating Western sanctions amid declining traditional revenue streams…
·
·
1–2 minutes
