Latest News

OneLogin OIDC Client Secrets Exposed via Apps API (CVE 2025 59363)

A serious security flaw has been discovered in One Identity’s OneLogin platform. In earlier versions, 2025.3.0, the system accidentally exposed OIDC client secrets through its ...

StratosAlly

Latest News

Cisco ASA Zero-Days Used to Deploy RayInitiator, LINE VIPER

The U.K. NCSC and Cisco warn that a state-linked campaign exploited recently disclosed Cisco firewall flaws in zero-day attacks to deploy two novel implants, RayInitiator ...

StratosAlly

Latest News

New PlugX Variant Targets Telecom and Manufacturing Networks Across Central and South Asia

A new variant of the PlugX remote access trojan (RAT), also known as Korplug or SOGU, is being deployed in an ongoing cyber campaign against ...

StratosAlly

Latest News

Chinese Hackers Deploy BRICKSTORM Backdoor in Year-Long Espionage Campaign

Suspected China-linked operators have been observed using a Go-based backdoor dubbed BRICKSTORM in a series of long-running espionage intrusions, according to a new analysis from ...

StratosAlly

Latest News

When Your Email Guardian Needs Guarding: Libraesva’s Emergency Fix

Libraesva has rolled out an emergency security update for its Email Security Gateway (ESG) after confirming that a command injection vulnerability, tracked as CVE-2025-59689, was ...

StratosAlly

Latest News

Stellantis Data Breach Tied to Salesforce Vendor Compromise

Stellantis, the multinational automaker behind Chrysler, Dodge, Jeep, Peugeot, and a dozen other brands, has confirmed that customer information was compromised in a recent cyber ...

StratosAlly

Latest News

MalTerminal: Security Teams Warn After Discovery of GPT-4-Driven Malware Prototype

Cybersecurity researchers at SentinelOne have come across a curious sample that may be the first malware to actually embed a Large Language Model (LLM). The ...

StratosAlly

Latest News

Fake GitHub Pages Deliver Atomic Stealer in macOS Malware Campaign

LastPass has warned of a widespread malware campaign in which attackers are abusing GitHub repositories to distribute Atomic Stealer (AMOS), an infostealer targeting Apple macOS ...

StratosAlly

Latest News

Cyberattack on Jaguar Land Rover Extends Factory Shutdown and Puts Supply Chain at Risk

Jaguar Land Rover (JLR), Britain’s largest automotive manufacturer, has prolonged its production shutdown after suffering a major cyber incident on September 1. The company confirmed ...

StratosAlly

Latest News

Apple Backports Security Fix for Exploited ImageIO Flaw to Older Devices

Apple has backported a patch for CVE-2025-43300, an out-of-bounds write flaw in the ImageIO framework, extending protection to older devices that did not initially receive ...

StratosAlly

Latest News

OneLogin OIDC Client Secrets Exposed via Apps API (CVE 2025 59363)

Cisco ASA Zero-Days Used to Deploy RayInitiator, LINE VIPER

New PlugX Variant Targets Telecom and Manufacturing Networks Across Central and South Asia

Chinese Hackers Deploy BRICKSTORM Backdoor in Year-Long Espionage Campaign

When Your Email Guardian Needs Guarding: Libraesva’s Emergency Fix

Stellantis Data Breach Tied to Salesforce Vendor Compromise

MalTerminal: Security Teams Warn After Discovery of GPT-4-Driven Malware Prototype

Fake GitHub Pages Deliver Atomic Stealer in macOS Malware Campaign

Cyberattack on Jaguar Land Rover Extends Factory Shutdown and Puts Supply Chain at Risk

Apple Backports Security Fix for Exploited ImageIO Flaw to Older Devices

community

Join the community to Stay Updated with the Latest Cybersecurity Trends