TappyURL - URL Shortener

Cybersecurity News

Get the latest cybersecurity news, threat alerts, and expert tips to safeguard your data. Stay ahead of hackers, malware, and online attacks with TappyURL’s up to date security insights.

16 articles

New OAuth ConsentFix Attack Bypasses Microsoft Entra Authentication to Steal Cloud Access Keys

A new OAuth based attack called ConsentFix lets hackers exploit Microsoft Entra authentication flows to steal authorization codes, bypassing security controls. The attack abuses legitimate login processes, making detection difficult even in highly secured cloud environments.

Tappy Admin

Jan 14, 2026

133 3 min read

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto Messaging

Researchers uncovered a new Astaroth banking trojan campaign in Brazil that spreads via WhatsApp, using Python based worm modules to steal contacts, propagate itself, and harvest banking credentials through multi stage malware delivery.

Tappy Admin

Jan 11, 2026

102 3 min read

Featured

Instagram Users Targeted in Password Reset Attack After 17.5 Million Accounts Leaked Online

Instagram users face password reset attacks following a data breach exposing 17.5 million accounts on BreachForums. Attackers exploit legitimate reset requests through social engineering. Two factor authentication remains the critical defense against account takeover attempts.

Tappy Admin

Jan 11, 2026

52 4 min read

Cisco ISE Vulnerability Let Remote attacker Access Sensitive Data

Cisco patched CVE-2026-20029, a critical XXE vulnerability in ISE/ISE-PIC allowing authenticated admins to access sensitive files. All versions before 3.5 are affected. No attacks detected yet, but proof of concept exists. Immediate patching urged for enterprise environments.

Tappy Admin

Jan 11, 2026

50 2 min read

PoC Exploit Released for Android / Linux Kernel Vulnerability (CVE-2025-38352)

CVE-2025-38352 is a critical Linux kernel race condition vulnerability in POSIX CPU timers affecting 32 bit Android devices. The "Chronomaly" exploit enables privilege escalation without needing kernel addresses. CISA confirms active exploitation; users should update kernels immediately.

Tappy Admin

Jan 11, 2026

52 3 min read

Trend Micro warns of critical Apex Central RCE vulnerability

Trend Micro patched CVE-2025-69258, a critical Apex Central vulnerability allowing unauthenticated attackers to execute malicious code with SYSTEM privileges via DLL injection. Tenable discovered the flaw affecting port 20001. Users must apply Critical Patch Build 7190 immediately.

Tappy Admin

Jan 11, 2026

42 2 min read

IBM warns of critical API Connect auth bypass vulnerability

IBM warns of a critical API Connect authentication bypass flaw (CVE-2025-13915) allowing remote unauthorized access, urging immediate patching or mitigation to prevent active exploitation.

Tappy Admin

Dec 31, 2025

85 2 min read

Featured

Apple issues warning to all 1.8bn iPhone users over 'extremely sophisticated attack'

Apple has issued an urgent alert for iPhone and iPad users to install the latest updates after discovering active zero day WebKit flaws. These vulnerabilities could let hackers silently take control of devices via malicious websites.

Tappy Admin

Dec 31, 2025

69 3 min read

Featured

MongoBleed Alert: 74,000+ MongoDB Databases Still Exposed

As of December 30, over 74,000 MongoDB databases remain exposed to the actively exploited MongoBleed vulnerability (CVE-2025-14847), allowing attackers to extract sensitive memory data without authentication; patches and detection tools are strongly advised.

Tappy Admin

Dec 30, 2025

107 3 min read

RansomHouse Ransomware Breach Hits Askul: 740,000 Customer Records Stolen, Operations Disrupted for Months

Japanese e-commerce firm Askul confirmed a RansomHouse ransomware attack stole about 740,000 customer and partner records, disrupted operations since October, and forced shipment suspensions, system isolation, MFA rollout, and delayed financial reporting.

Tappy Admin

Dec 19, 2025

56 3 min read

SoundCloud Breach Linked to Stolen User Database, Millions Potentially Impacted

SoundCloud confirmed a security breach that exposed user email addresses and public profile data, affecting millions of accounts. The incident triggered service disruptions, VPN access blocks, and temporary outages as the company worked to secure its systems.

Tappy Admin

Dec 19, 2025

53 3 min read

Hackers Hijack 700+ Gogs Servers Using Unpatched Zero Day in Massive Global Attack

Hackers are exploiting an unpatched Gogs zero day (CVE-2025-8110) to gain remote code execution via symlink path traversal, compromising over 700 servers. Attackers create rogue repositories, deploy Supershell malware, and target exposed instances with open registration enabled.

Tappy Admin

Dec 11, 2025

69 3 min read

« Previous
Next »

Showing 1 to 12 of 16 results

All Categories

Cybersecurity News 16 Our Notice 2 Tech News 30

Cybersecurity News

New OAuth ConsentFix Attack Bypasses Microsoft Entra Authentication to Steal Cloud Access Keys

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto Messaging

Instagram Users Targeted in Password Reset Attack After 17.5 Million Accounts Leaked Online

Cisco ISE Vulnerability Let Remote attacker Access Sensitive Data

PoC Exploit Released for Android / Linux Kernel Vulnerability (CVE-2025-38352)

Trend Micro warns of critical Apex Central RCE vulnerability

IBM warns of critical API Connect auth bypass vulnerability

Apple issues warning to all 1.8bn iPhone users over 'extremely sophisticated attack'

MongoBleed Alert: 74,000+ MongoDB Databases Still Exposed

RansomHouse Ransomware Breach Hits Askul: 740,000 Customer Records Stolen, Operations Disrupted for Months

SoundCloud Breach Linked to Stolen User Database, Millions Potentially Impacted

Hackers Hijack 700+ Gogs Servers Using Unpatched Zero Day in Massive Global Attack

Featured Posts

Tech Meta faces Europe antitrust investigation over WhatsApp AI policy

Micron Exits Consumer RAM & SSD Market, Fueling New Memory Shortage Fears

Albiriox Malware Hits 400+ Financial Apps, Hijacks Banking and Crypto Accounts Worldwide

All Categories