Latest Threats & Blogs
Fortinet FortiSIEM flaw is now being actively exploited threat actors
A critical vulnerability in Fortinet FortiSIEM, for which proof-of-concept exploit code is publicly available, is currently being actively exploited in real-world attacks.
Fortinet confirmed that the issue stems from an …
Potential Everest Ransomware Attack on McDonald’s India (January 2026)
On 20 January 2026, the Everest ransomware group publicly claimed responsibility for a cyberattack against McDonald’s India, alleging the exfiltration of ~861 GB of sensitive corporate and customer data. The …
Exploited MongoBleed vulnerability exposes MongoDB credentials across 87,000 servers
Threat Brief : MongoBleed Heap overflow vulnerability
On December 19, 2025, MongoDB disclosed a serious security flaw known as MongoBleed (CVE-2025-14847). This vulnerability enables unauthenticated attackers to extract sensitive heap …
On December 19, 2025, MongoDB disclosed a serious security flaw known as MongoBleed (CVE-2025-14847). This vulnerability enables unauthenticated attackers to extract sensitive heap …
Test Blog
"This update to our Content Security Policy adds an additional layer of protection by blocking unauthorized scripts, further helping safeguard your organization against evolving security threats," Kokkalera added.
This move …
Typosquatted Packages Deploy Multi-Stage Credential Harvester
Security researchers discovered 10 dangerous, fake software packages on the npm registry that have been actively stealing user login information for over four months, accumulating nearly 10,000 downloads. These packages …
PhantomRaven attack floods npm with credential-stealing packages
An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
The activity started in August and deployed …