Geek-Guy.com

Category: Exploits

Explore the latest software exploits, zero-day vulnerabilities, and security PoCs. Geek-Guy provides expert analysis on emerging threats and how to stay protected.

Cybersecurity, Exploits, Global Security News, remote code execution, Veeam, vulnerability

Veeam issues patch to close critical remote code execution flaw

Veeam has released an update to fix a security flaw in its Backup & Replication software that could let certain users run code on affected systems. The main issue, tracked as CVE-2025-59470, affects all Veeam Backup & Replication version 13 builds, according to a security advisory released Tuesday. Veeam said older product lines, including 12.x…

Read more →

Artificial Intelligence, Exploits, Global Security News

Bug in Open WebUI macht Kostenlos-Tool zur Backdoor

Der Schweregrad des Bugs in Open WebUI wird als hoch eingestuft. Wirestock Creators- shutterstock.com Sicherheitsforschende von Cato Networks haben eine Schwachstelle in Open WebUI, einem selbstgehosteten Enterprise Interface für Large Language Models (LLM), entdeckt. Diese soll es externen Modell-Servern, die über das Feature „Direct Connections“ eingebunden sind, ermöglichen, Schadcode einzuschleusen und KI-Workloads zu übernehmen. Das…

Read more →

Exploits, Global Security News, Uncategorized

Misconfigured email routing enables internal-spoofed phishing

Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails appearing internal, using PhaaS platforms like Tycoon2FA to steal credentials. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains…

Read more →

bec, Exploits, Global Security News, hacking, information security news, IT Information Security, Security

Misconfigured email routing enables internal-spoofed phishing

Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails appearing internal, using PhaaS platforms like Tycoon2FA to steal credentials. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains…

Read more →

Exploits, Global Security News, Phishing, Security, Vulnerabilities

Microsoft warns of a surge in phishing attacks exploiting email routing gaps

Microsoft’s Threat Intelligence team has disclosed that threat actors are increasingly exploiting complex email routing and misconfigured domain spoof protection to make phishing messages appear as if they were sent from inside the organizations they’re targeting. These campaigns are relying on configuration gaps, specifically scenarios where mail exchanger (MX) DNS records don’t point directly to…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security

Veeam resolves CVSS 9.0 RCE flaw and other security issues

Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, including a critical RCE vulnerability tracked as CVE-2025-59470 (CVSS score of 9.0). A Backup or Tape Operator can achieve remote code execution as the postgres user by abusing…

Read more →

Exploits, Global Security News

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has been assigned the CVE identifier CVE-2026-21877, is rated 10.0 on the CVSS scoring system. “Under certain conditions, an authenticated user may be able to cause untrusted code…

Read more →

Breaking News, Exploits, Global Security News, hacking, internet of things, Security

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers. The vulnerability is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’),…

Read more →

Exploits, Global Security News

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally. “Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA,” the

Read more →

Exploits, Global Security News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command injection in the “dnscfg.cgi” endpoint that arises as a result of improper sanitization of user-supplied DNS configuration parameters. “An unauthenticated remote attacker…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, Security

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606, in the TOTOLINK EX200 range extender that lets a remote authenticated attacker fully take over the device. The TOTOLINK EX200 is a compact Wi-Fi range extender…

Read more →

Exploits, Global Security News

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

Security researchers have flagged a high-severity flaw in Open WebUI, a self-hosted enterprise interface for large language models, that allows external model servers connected via its Direct Connections feature to inject malicious code and hijack AI workloads. The issue, tracked as CVE-2025-64496, stems from unsafe handling of server-sent events (SSE), enabling account takeover and, in…

Read more →

APT, Exploits, Global Security News, hacking, hacking news, intelligence, malware

Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025

Russia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. “Recent monitoring data from the 360 ​​Advanced…

Read more →

Botnet, Breaking News, cyber crime, Exploits, Global Security News, malware, Security

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android devices, spreading primarily via residential proxy networks, according to cybersecurity firm Synthient. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8…

Read more →

Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news

Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. French authorities investigate AI ‘undressing’ deepfakes on X Thousands of ColdFusion exploit attempts spotted during Christmas…

Read more →

Exploits, Global Security News, Uncategorized

Thousands of ColdFusion exploit attempts spotted during Christmas holiday

GreyNoise observed thousands of attacks targeting about a dozen Adobe ColdFusion vulnerabilities during the Christmas 2025 holiday. GreyNoise reports a coordinated campaign exploiting about a dozen Adobe ColdFusion vulnerabilities, with thousands of attack attempts observed during the Christmas 2025 holiday. “GreyNoise observed a coordinated exploitation campaign targeting Adobe ColdFusion servers over the Christmas 2025 holiday period.” reads…

Read more →

Exploits, Geopolitics, Global Security News, Government, Policy, privacy

Treasury removes Intellexa spyware-linked trio from sanctions list

The Trump administration this week removed three Iranians from its sanctions list who were previously accused of working for Intellexa, the consortium behind the Predator spyware that recent investigations say has circumvented human rights safeguards. The Biden administration imposed sanctions against the trio in 2024 as part of a broader move to sanction spyware operators.…

Read more →

Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News

US cybersecurity experts plead guilty to attacking US companies with ransomware

Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion. They will be sentenced on March 12, 2026, the US Department of Justice announced this week. Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the…

Read more →

Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News

Two cybersecurity experts plead guilty to running ransomware operation

Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion. They will be sentenced on March 12, 2026, the US Department of Justice announced this week. Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the…

Read more →

Breaking News, Exploits, Global Security News, hacking, Security

IBM warns of critical API Connect bug enabling remote access

IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025-13915 (CVSS score of 9.8) that allows remote access via an authentication bypass. API Connect is IBM’s API management platform. It’s used by organizations to create, secure, manage,…

Read more →

Cybercrime, Exploits, Global Security News, hacking, hacking news, Uncategorized

React2Shell under attack: RondoDox Botnet spreads miners and malware

RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw (CVE-2025-55182) to drop malware and cryptominers on vulnerable Next.js servers. “CloudSEK’s report details a persistent nine-month RondoDoX botnet campaign targeting IoT devices and web applications. Recently, the…

Read more →

Exploits, Global Security News

Critical vulnerability in IBM API Connect could allow authentication bypass

IBM is urging customers to quickly patch a critical vulnerability in its API Connect platform that could allow remote attackers to bypass authentication. The company describes API Connect as a full lifecycle application programming interface (API) gateway used “to create, test, manage, secure, analyze, and socialize APIs.” It particularly touts it as a way to…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, Security

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed), was disclosed right after Christmas, an unwelcome “gift” for the cybersecurity community, impacting MongoDB Server deployments that use zlib network compression. MongoDB is a popular open-source NoSQL database used to store and manage data…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB Server vulnerability, tracked as CVE-2025-14847 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. The recently disclosed MongoDB vulnerability CVE-2025-14847 (aka MongoBleed) is being actively exploited, with more…

Read more →

Exploits, Global Security News, Security, Vulnerabilities, Zero-Day Vulnerabilities

Patch Tuesday 2025 roundup: The biggest Microsoft vulnerabilities of the year

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost guaranteed to be one of those days, though with any luck it’s merely troublesome, not catastrophic. In 2025, however, some of them gave CSOs heartburn: Microsoft issued mitigations for…

Read more →

CISA, Cybersecurity, Exploits, Global Security News, Research, Threats

MongoBleed defect swirls, stamping out hope of year-end respite

Cybersecurity professionals are closing out 2025 confronting yet another information-disclosure vulnerability, drawing widespread concern as threat hunters and researchers race to avoid impacts comparable to previous defects dubbed with a “bleed” suffix.  MongoBleed — CVE-2025-14847 — is a high-severity vulnerability affecting many versions of MongoDB with default configurations that allows unauthenticated attackers to leak server…

Read more →

Breaking News, cyber crime, data breach, Exploits, Global Security News, hacking, Security

Korean Air discloses data breach after the hack of its catering and duty-free supplier

Korean Air employee discloses a data breach after a hack of its catering and duty-free supplier, KC&D, affecting thousands of staff. Korean Air suffered a data breach after its in-flight catering supplier Korean Air Catering & Duty-Free (KC&D) was hacked, exposing personal data of ~30,000 employees of Korean Air employees. Korean Air is South Korea’s…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security

MongoBleed flaw actively exploited in attacks in the wild

A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide. A newly disclosed MongoDB vulnerability, tracked as CVE-2025-14847 (aka MongoBleed, CVSS score of 8.7), is being actively exploited, with more than 87,000 potentially vulnerable instances identified worldwide. Cybersecurity researcher Joe Desimone published a proof-of-concept exploit for this vulnerability…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture gradually unravels. The vulnerability enables unauthenticated remote code execution through React Server Components, allowing attackers to execute arbitrary code on affected servers via a crafted request.…

Read more →

ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis, Reports

Malware Trends Q4 2025: Inside ANY.RUN’s Latest Threat Landscape Report 

We’re glad to present our regular quarterly report highlighting the most prominent malicious trends of the last three months of 2025, as observed by ANY.RUN’s community.  Following the release of our annual report on key threats and milestones, this report offers a closer look at the threat landscape of the final chapter of 2025.  The Malware Trends report Q4 features top malware types, families, phishing kits, TTPs, APTs, and other notable insights.  You can turn to the previous Q3 report for reference.  Key Takeaways  Threat activity remained steady,…

Read more →

Exploits, Global Security News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed. “A…

Read more →

Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news

Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. LangChain core vulnerability allows prompt injection and data exposure NPM package with 56,000 downloads compromises WhatsApp…

Read more →

Breaking News, Crypto, cyber crime, Exploits, Global Security News, hacking

Trust Wallet warns users to update Chrome extension after $7M security loss

Trust Wallet urged users to update its Chrome extension after a security incident caused about $7 million in losses. Trust Wallet warned users to update its Google Chrome extension after a security incident that resulted in about $7 million in losses. The flaw affects version 2.68 of the multi-chain, non-custodial wallet, which has around one…

Read more →

Exploits, Global Security News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection. LangChain Core (i.e., langchain-core) is a core Python package that’s part of the LangChain ecosystem, providing the core interfaces and model-agnostic abstractions for…

Read more →

Breaking News, Exploits, Fortinet, Global Security News, hacking, Security

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

Fortinet reported active exploitation of a five-year-old FortiOS SSL VPN flaw, abused in the wild under specific configurations. Fortinet researchers observed “recent abuse” of a five-year-old security vulnerability, tracked as CVE-2020-12812 (CVSS score: 5.2), in FortiOS SSL VPN. The vulnerability is exploited in attacks in the wild under certain configurations. CVE-2020-12812 is an improper authentication flaw…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, Security

High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover

MongoDB addressed a high-severity vulnerability that can be exploited to achieve remote code execution on vulnerable servers. MongoDB addressed a high-severity vulnerability, tracked as CVE-2025-14847 (CVSS score 8.7), an unauthenticated, remote attacker can exploit the issue to execute arbitrary code on vulnerable servers. “An client-side exploit of the Server’s zlib implementation can return uninitialized heap…

Read more →

Exploits, Global Security News

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code

Read more →

Exploits, Global Security News, Resources

Closing the Cybersecurity Skills Gap: Why Women Are Essential to the Industry’s Future

In this post, I will talk about closing the cybersecurity skills gap. Also, I will reveal why Women are essential to the industry’s future. Cybersecurity has become one of the defining challenges of the digital era. As organisations accelerate cloud adoption, remote work, and AI-driven operations, attackers are exploiting expanded attack surfaces with unprecedented speed…

Read more →

Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking

Red Hat GitLab breach exposes data of 21,000 Nissan customers

Hackers breached Red Hat’s GitLab, stealing data of 21,000 customers; Nissan confirmed exposure via a self-managed GitLab instance. Japanese carmaker Nissan disclosed a data breach tied to a self-managed GitLab instance used by Red Hat Consulting. Threat actors gained access to the GitLab instance, stealing data from 21,000 customers. In October, the Crimson Collective claimed…

Read more →

Exploits, Global Security News

MacSync Stealer malware bypasses macOS Gatekeeper security warnings

The MacSync Stealer macOS malware can now infect victims’ computers using what appears to be a legitimate application with minimal user interaction, according to Apple device management and security vendor Jamf. Until now, macOS campaigns needed to persuade users to launch infected applications through relatively intrusive techniques such as ClickFix social engineering or the expert…

Read more →

Exploits, Global Security News, hacking, hacking news, information security news, IT Information Security, Security

Critical n8n flaw could enable arbitrary code execution

A critical flaw in the n8n automation platform could allow attackers to execute arbitrary code if exploited under specific conditions. Researchers warn that a critical vulnerability, tracked as CVE-2025-68613 (CVSS score of 9.9), in the n8n workflow automation platform could allow attackers to achieve arbitrary code execution under certain circumstances. The package gets about 57,000 downloads per week,…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security

Why Third-Party Access Remains the Weak Link in Supply Chain Security

Attackers exploited a supply chain weakness, abusing trusted components to compromise systems and spread malicious activity across connected targets. Your next breach probably won’t start inside your network—it will start with someone you trust. Every supplier, contractor, and service provider needs access to your systems to keep business running, yet each login is a potential…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, Security

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Digiever DS-2105 Pro vulnerability, tracked as CVE-2023-52163 (CVSS Score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. Digiever DS-2105 Pro is a network video recorder (NVR) device designed…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

Exploits, Global Security News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE-2025-68613, carries a CVSS score of 9.9 out of a maximum of 10.0. The package has about 57,000 weekly downloads, according to statistics on npm.…

Read more →

Cybercrime, Cybersecurity, Exploits, Global Security News, Threats

Leader of 764 offshoot pleads guilty, faces up to 60 years in jail

A 19-year-old man from San Antonio pleaded guilty Friday to multiple crimes involving the sexual exploitation of children while acting as an administrator and leader of 8884, a splinter group of the violent extremist collective known as 764.  Alexis Aldair Chavez faces up to 60 years in prison for racketeering, distribution and possession of child…

Read more →

Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ATM Jackpotting ring busted: 54 indicted by DoJ U.S. CISA adds a flaw in WatchGuard Fireware…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a WatchGuard Fireware OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a WatchGuard Firebox OS vulnerability, tracked as CVE-2025-14733 (CVSS Score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. This flaw is a critical out-of-bounds write vulnerability in WatchGuard Fireware…

Read more →

Exploits, Global Security News, Network Security, Security, Vulnerabilities, Zero-Day Vulnerabilities

WatchGuard fixes ‘critical’ zero-day allowing firewall takeover

WatchGuard has issued an urgent patch alert for its Firebox firewall appliances after discovering a critical-rated vulnerability that is under exploit by threat actors. Tracked as CVE-2025-14733, with a CVSS score of 9.3, the flaw is an Out-of-bounds Write vulnerability affecting the iked process, a WatchGuard Fireware OS component responsible for the IKEv2 key exchange…

Read more →

Breaking News, cyber crime, Exploits, Global Security News, hacking, malware, Security

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign aimed at stealing sensitive data from organizations worldwide. Gladinet CentreStack is a software platform that allows organizations to turn their existing file servers,…

Read more →

Exploits, Global Security News

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks. Tracked as CVE-2025-14733 (CVSS score: 9.3), the vulnerability has been described as a case of out-of-bounds write affecting the iked process that could allow a remote unauthenticated attacker to execute arbitrary code. “This…

Read more →

Exploits, Global Security News, Security, Vulnerabilities, Zero-Day Vulnerabilities

Cisco bestätigt Zero-Day-Exploit für Secure Email

Cisco hat eine Zero-Day-Lücke in seinen Secure-Email-Produkten entdeckt. JarTee – shutterstock.com Cisco Talos hat kürzlich eine Cyberkampagne entdeckt, die auf Ciscos AsyncOS-Software für Secure Email Gateway, Secure Email und Web Manager abzielt. Die Kampagne soll mindestens seit Ende November laufen. Ein Patch ist derzeit noch nicht verfügbar, so der Netzwerkriese. Umfang des Risikos Laut Cisco…

Read more →

APT, Breaking News, Cyber warfare, Exploits, Global Security News, hacking, Security

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

Cisco disclosed a critical zero-day (CVE-2025-20393) in Secure Email Gateway and Secure Email and Web Manager, actively exploited by a China-linked group. Cisco disclosed a critical zero-day, tracked as CVE-2025-20393, in Secure Email Gateway and Secure Email/Web Manager, which is actively exploited by a China-linked threat group. Cisco reported a December 10 campaign targeting certain…

Read more →

Exploits, Global Security News, Libraries and Frameworks, React, Security, Software Development, Vulnerabilities, Web Development

React2Shell is the Log4j moment for front end development

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Financially-motivated attackers have found a way to use the flaw, dubbed React2Shell (CVE-2025-55182), to execute arbitrary code on vulnerable servers through a single malicious HTTP request. This allows them to quickly and…

Read more →

Exploits, Global Security News, Network Security, Security, Vulnerabilities

HPE OneView vulnerable to remote code execution attack

A maximum severity remote code execution vulnerability in Hewlett Packard Enterprise (HPE) OneView network and systems management suite is “bad” and needs to be patched immediately, says a cybersecurity expert. “Vendors typically downplay the severity of a vulnerability,” says Curtis Dukes, executive VP for security best practices at the Center for Internet Security, “but HPE…

Read more →

AI, Anthropic, Cybersecurity, Exploits, Global Security News, Government, Technology

Policymakers grapple with fallout from Chinese AI-enabled hack

Policymakers and companies are reckoning with increased reports over the past few months showing AI tools being leveraged to conduct cyber attacks on a larger and faster scale. Most notably, Anthropic reported last month that Chinese hackers had jailbroken and tricked its AI model Claude into assisting with a cyberespionage hacking campaign that ultimately targeted…

Read more →

APT, china, Cybersecurity, Exploits, Global Security News, Research, Threats

Cisco customers hit by fresh wave of zero-day attacks from China-linked APT

Cisco customers are confronting a fresh wave of attacks from a Chinese threat group that has actively exploited a critical zero-day vulnerability affecting the vendor’s software for email and web security since at least late November, the company said in an advisory Wednesday.  Cisco said it became aware of the attacks Dec. 10. The defect…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, HPE, Security

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Hewlett Packard Enterprise (HPE) fixed a critical OneView flaw that could allow attackers to achieve remote code execution. Hewlett Packard Enterprise (HPE) addressed a maximum-severity security vulnerability, tracked as CVE-2025-37164 (CVSS score of 10.0), in OneView Software. An attacker can exploit the flaw to achieve remote code execution. HPE OneView is an integrated IT management…

Read more →