Latest News

Apple Backports Security Fix for Exploited ImageIO Flaw to Older Devices

Apple has backported a patch for CVE-2025-43300, an out-of-bounds write flaw in the ImageIO framework, extending protection to older devices that did not initially receive ...

StratosAlly

Latest News

New Phishing Tool VoidProxy Targets Microsoft and Google Accounts, Stealing Credentials and MFA Codes

Okta Threat Intelligence has identified a high-risk phishing platform named VoidProxy. The service targets Microsoft 365 and Google users to capture sensitive data, including login ...

StratosAlly

Latest News

Samsung Addresses Critical Android Zero-Day in Quram Image Codec

On September 12, 2025, Samsung issued its latest Android security patch, which resolves a significant zero-day flaw that has been actively exploited in attacks on ...

StratosAlly

Latest News

EggStreme Malware: A Stealth Weapon Targeting Military Systems

A newly uncovered cyber-espionage campaign is attributed to a Chinese-linked Advanced Persistent Threat (APT) group. While the campaign strongly aligns with Chinese APT tactics and ...

StratosAlly

Latest News

Emergency Patch Released for SessionReaper Vulnerability

Adobe has released a security update addressing a serious flaw in Adobe Commerce and Magento Open Source, known as SessionReaper (CVE-2025-54236). This vulnerability has a ...

StratosAlly

Soft Skills

Cyber Hygiene: Because Hackers Don’t Need an Invite to Your Party

If personal hygiene is about not smelling like a 3-day-old stale food in public, then cyber hygiene is about not leaving your digital life like ...

Quirky Quill

Latest News

Silent Push exposed Salt Typhoon’s Hidden Domain Web with UNC4841 Links

Silent Push, a cybersecurity intelligence firm, has uncovered 45 previously unreported domains linked with Salt Typhoon, with part of the infrastructure overlapping with UNC4841. Significantly, ...

StratosAlly

Latest News

Supply Chain Attack: npm Packages Leak Keys to Telegram Bot

Security researchers have uncovered a supply chain attack in the npm registry, involving four packages disguised as Flashbots MEV tools and cryptographic utilities. These packages ...

StratosAlly

Latest News

“Hackers Weaponize ‘HexStrike AI’ to Exploit Fresh Citrix NetScaler Flaws”

Researchers at Check Point have warned that cybercriminals are attempting to leverage HexStrike AI to automate attacks against recently disclosed Citrix NetScaler flaws, with underground ...

StratosAlly

Latest News

‘Silver Fox’ Hackers Exploit Signed Drivers to Evade Security Defenses

Researchers at Check Point reported that the threat actor known as Silver Fox, also referred to as SwimSnake or UTG-Q-1000, employed a Bring Your Own ...

StratosAlly

Latest News

Apple Backports Security Fix for Exploited ImageIO Flaw to Older Devices

New Phishing Tool VoidProxy Targets Microsoft and Google Accounts, Stealing Credentials and MFA Codes

Samsung Addresses Critical Android Zero-Day in Quram Image Codec

EggStreme Malware: A Stealth Weapon Targeting Military Systems

Emergency Patch Released for SessionReaper Vulnerability

Cyber Hygiene: Because Hackers Don’t Need an Invite to Your Party

Silent Push exposed Salt Typhoon’s Hidden Domain Web with UNC4841 Links

Supply Chain Attack: npm Packages Leak Keys to Telegram Bot

“Hackers Weaponize ‘HexStrike AI’ to Exploit Fresh Citrix NetScaler Flaws”

‘Silver Fox’ Hackers Exploit Signed Drivers to Evade Security Defenses

community

Join the community to Stay Updated with the Latest Cybersecurity Trends