Bybit
public
–
3 min read
In 2025, North Korean state-sponsored hackers executed a sophisticated cyber attack on Bybit, a major cryptocurrency exchange, resulting in the…
Discord
public
–
1 min read
Discord, a widely used messaging platform, suffered a data breach in 2025 after a third-party customer service provider it relied…
OpenSSH (OpenBSD Project)
public
–
3 min read
A critical vulnerability (CVE-2025-61984) in OpenSSH’s ProxyCommand feature allows remote attackers to execute arbitrary code on client systems by…
Elastic
public
–
2 min read
A critical vulnerability (CVE-2025-37728) was discovered in Elastic’s **Kibana CrowdStrike Connector**, where insufficient credential isolation in a shared cache…
Redis
public
–
4 min read
Redis disclosed CVE-2025-49844 (RediShell), a critical CVSS 10.0 vulnerability in its in-memory database software, allowing authenticated attackers to exploit…
Fortra
public
–
3 min read
Fortra’s GoAnywhere Managed File Transfer (MFT) was exploited via CVE-2025-10035, a critical zero-day deserialization vulnerability (CVSS 10.0) in…
Unity Technologies
public
–
3 min read
A critical vulnerability (CVE-2025-59489) was disclosed in the Unity engine, the world’s most widely used game development platform, exposing…
Jaguar Land Rover (JLR)
public
–
4 min read
Jaguar Land Rover (JLR) suffered a devastating cyber attack in 2025 that brought the company to a complete standstill for…
Linux Foundation (or any enterprise using vulnerable Sudo versions 1.9.14–1.9.17)
public
–
2 min read
A critical local privilege escalation vulnerability (CVE-2025-32463) in the Sudo binary (versions 1.9.14–1.9.17) exposes enterprises…
QNAP Systems
public
–
3 min read
QNAP Systems disclosed CVE-2025-57714, a critical unquoted search path vulnerability in its NetBak Replicator 4.5.x backup software for…
Johnson Controls
public
–
4 min read
Johnson Controls, a critical infrastructure provider, faced severe exposure of its industrial control systems (ICS) due to unpatched vulnerabilities and…
Unnamed Manufacturing Firm (Q1 2025 Breach)
public
–
4 min read
In Q1 2025, an unnamed manufacturing company fell victim to a domain-based cyber attack where threat actors exploited a typosquatted…