More than 46,000 online-facing Grafana instances are still unpatched and vulnerable to CVE-2025-4123—a serious client-side flaw. This open redirect vulnerability allows attackers to load malicious plugins, hijack user sessions, and potentially take control of user accounts. Despite a fix released on May 21, many organizations have yet to upgrade, according to research by OX Security. […]
Every online interaction begins with a DNS query. When users access your site, DNS tells their browser where to go. Yet, the protocol behind this process was not built with today’s threats in mind. Without modern protections, attackers can exploit DNS to hijack traffic, steal data, or cause service disruptions. DNS security must be prioritized […]
A newly uncovered vulnerability in Discord’s invitation system has opened the door for cybercriminals to spread remote access malware. The flaw enables threat actors to hijack expired or deleted Discord invite links and redirect users to maCybercriminals have found a new way to spread malware by abusing Discord’s invitation system. They reuse expired or deleted […]