CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must…
Category: Exploits
Exploits, Global Security News
Malicious VS Code Extensions Exploit Name Reuse Loophole
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages
APT, Breaking News, Cyber warfare, Exploits, Global Security News, hacking, intelligence
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs
NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and allies warn Chinese APT actors, linked to Salt Typhoon, are targeting global telecom, government, transport, lodging, and military sectors. “The National Security Agency (NSA) and…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat…
Exploits, Global Security News, Network Security, Vulnerabilities, Zero-Day Vulnerabilities
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Citrix NetScaler ADC and NetScaler Gateway customers have been hit by a new round of zero day vulnerabilities that require urgent patching, including one the company warned is being actively exploited. That exploitation alert makes the highest priority flaw, CVE-2025-7775, the one admins will want to start with. According to Citrix’s advisory, it’s a memory…
Exploits, Global Security News
Anthropic detects the inevitable: genAI-only attacks, no humans involved
When Anthropic published a report Wednesday detailing genAI attacks that entirely bypassed humans, as opposed to human attackers using AI tools as aids, it was the realization of what many CISOs have long anticipated. But it shows that preparations for AI-only attacks need to be accelerated as the detectable patterns from human attacks become irrelevant. …
Exploits, Global Security News, Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Research
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
The TAOTH campaign exploited abandoned software and spear-phishing to deploy multiple malware families, targeting dissidents and other high-value individuals across Eastern Asia.
Exploits, Global Security News, Security
FreePBX servers hacked via zero-day, emergency fix released
The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) exposed to the internet. […]
Breaking News, citrix, Exploits, Global Security News, hacking, Security
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to CVE-2025-7775, which is under active exploitation. CVE-2025-7775 (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service.…
Breaking News, CISA, citrix, Exploits, Global Security News, hacking, Security
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler flaw, tracked as CVE-2025-7775, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Microsoft details Storm-0501’s focus on ransomware in the cloud
A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware operations beyond the scope of on-premises infrastructure, Microsoft Threat Intelligence said in a report released Wednesday. By leveraging cloud-native capabilities, Storm-0501 has exfiltrated large volumes of data with speed, destroying…
Exploits, Global Security News, Security
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. […]
Exploits, Global Security News
Storm-0501 debuts a brutal hybrid ransomware attack chain
Microsoft Threat Intelligence today released a report on the financially motivated group Storm-0501, warning that the threat actor has sharpened its ransomware tactics by exploiting hijacked privileged accounts to move seamlessly between on-premises and cloud environments, exploiting visibility gaps to encrypt data and carry out mass deletions of cloud resources, including backups. “They’re not just…
Exploits, Global Security News, Tools & Platforms
Qwiet AI Adds New Integrations & Features to AppSec Platform
Qwiet AI is rolling out updates to its application security platform, featuring new integrations and AI-powered AutoFix capabilities designed for development teams. Azure DevOps and GitHub among integrations now available. Announced today, the San Jose-based company stated that the enhancements will target organizations struggling to balance security requirements with their rapid software delivery cycles. The…
Cybercrime, Cybersecurity, Exploits, Global Security News, Technology, Tenable, Threats
Citrix NetScaler customers hit by third actively exploited zero-day vulnerability since June
Citrix and cybersecurity researchers warn a critical, zero-day vulnerability affecting multiple versions of Citrix NetScaler products is under active exploitation. Citrix issued a security bulletin about the vulnerability — CVE-2025-7775 — and urged customers on affected versions to install upgrades Tuesday. The memory-overflow vulnerability, which has an initial CVSS rating of 9.2, can be exploited…
Exploits, Global Security News
The Hidden Risk of Consumer Devices in the Hybrid Workforce
Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain.
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, online scams, Politics, Risk Management, Webroot Blog
Senior scams topped $4.8 billion in 2024: What to watch out for
Americans aged 60 and older lost $4.8 billion in 2024 to scammers, according to a report released by the FBI. These figures represent real people, real families, and life-changing financial devastation. The impact extends beyond just the numbers. The average loss among people over the age of 60 was $83,000, more than four times the…
Exploits, Global Security News, Judge Harvey E. Schlesinger, King Bob, Ne'er-Do-Well News, SIM Swapping
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
A 20-year-old Florida man at the center of a prolific cybercrime group known as “Scattered Spider” was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges of wire fraud and conspiracy.…
Exploits, Global Security News, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
Warlock ransomware exploits unpatched Microsoft SharePoint vulnerabilities to gain access, escalate privileges, steal credentials, move laterally, and deploy ransomware with data exfiltration across enterprise environments.
A Little Sunshine, Elliott Peterson, Exploits, Global Security News, Ne'er-Do-Well News
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online…
Exploits, Global Security News
PAM is not dead, it’s evolving
This week, I am publishing a contributed article from a friend, Shashwat Sehgal, an identity and cloud security expert best known for his security startup, P0 Security. In this piece, Shashwat is synthesizing his lived experience from talking to 500+ companies using and buying PAM over the last few years. I asked Shashwat to share…
cyber security, Exploits, Global Security News
Cyber Essentials: The 5 Cost-Effective Security Controls Everyone Needs
Cyber Essentials is a UK government scheme that outlines steps organisations can take to secure their systems. It contains five controls that cover the basics of effective information and cyber security. Anyone familiar with the scheme can implement the controls, regardless of their information security knowledge. And although the controls are only basic – not…
AI, cyber security, Endpoint, Exploits, Global Security News, malware
How to Build a Homoglyph Phishing Link That Bypasses Human Detection — Even Booking.com Users
A newly discovered phishing campaign is leveraging a Unicode homoglyph trick to impersonate Booking.com and distribute malicious MSI installers capable of delivering infostealers or remote access trojans (RATs). This attack, spotted by security researcher JamesWT, exploits the Japanese hiragana character “ん” (U+3093), which can visually resemble a forward slash (“/”) or “/n” in certain fonts,…
Exploits, Global Security News, Latest Warnings, The Coming Storm, Time to Patch
Microsoft Patch Tuesday, August 2025 Edition
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft’s most-dire “critical” rating, meaning they could be abused by malware or malcontents to gain remote access to a Windows system with little or no help from users. August’s…
Breadcrumbs, Exploits, Global Security News, Ne'er-Do-Well News, Ransomware, The Coming Storm
Who Got Arrested in the Raid on the XSS Crime Forum?
On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the…
cyber security, Expert insight, Exploits, Global Security News, penetration testing, security testing
What are the Different Types of Penetration Test?
And how do you choose the right one for your needs? Penetration testing (also known as ‘pen testing’ or ‘ethical hacking’) offers a vital tool for identifying gaps and opportunities to strengthen your security programme. We asked our head of security testing, James Pickard, to explain the different types of test. In this interview Is…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, malware
New Linux backdoor Plague bypasses auth via malicious PAM module
A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy Linux backdoor called Plague, hidden as a malicious PAM (Pluggable Authentication Module) module. It silently bypasses authentication and grants persistent SSH access. A Pluggable Authentication Module…
Exploits, Global Security News, Security
SonicWall firewall devices hit in surge of Akira ransomware attacks
SonicWall firewall devices have been increasingly targeted since late July in a surge of Akira ransomware attacks, potentially exploiting a previously unknown security vulnerability, according to cybersecurity company Arctic Wolf. […]
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ireland 2025 hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. Participants can earn up to $1 million for…
Exploits, Global Security News, Security
AI-powered Cursor IDE vulnerable to prompt-injection attacks
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. […]
APT, Exploits, Global Security News, hacking, information security news, intelligence, Security
ToolShell under siege: Check Point analyzes Chinese APT Storm-2603
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campaign exploiting four Microsoft SharePoint flaws, linking it to China-nexus groups APT27, APT31, and a new cluster, Storm-2603. The researchers pointed out that Storm-2603’s goals remain…
Exploits, Global Security News, Security
Pwn2Own hacking contest pays $1 million for WhatsApp exploit
The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp exploit at its upcoming Pwn2Own Ireland 2025 hacking contest. […]
Exploits, Global Security News, Security
Summer: Why cybersecurity must be strengthened as vacations abound
Summer is a time for vacation and a well-deserved break from the intensity of work. It’s also a great time to be targeted for a cyberattack. While cybercriminal activity extends throughout the year, summer has a special quality for cyber attackers. Whether it’s because our guard is down more than usual, because the weather invites…
Exploits, Global Security News
How bright are AI agents? Not very, recent reports suggest
Security researchers are adding more weight to a truth that infosec pros had already grasped: AI agents are not very bright, and are easily tricked into doing stupid or dangerous things by legalese, appeals to authority, or even just a semicolon and a little white space. The latest example comes from researchers at Pangea, who…
Email Security, Phishing, Exploits, Global Security News
Attackers wrap phishing links through URL scanning services to bypass detection
Attackers are exploiting the URL wrapping practices of email security services to conceal phishing links and lend credibility to their malicious campaigns. Email security services often rewrite email message URLs to route them through an intermediary domain for scanning. While redirecting links through URL scanning services may seem counterintuitive, attackers take advantage of the delay…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
Attackers actively exploit critical zero-day in Alone WordPress Theme
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the “Alone – Charity Multipurpose Non-profit WordPress Theme” to compromise websites. On May 30th, 2025, security researcher Thái An…
Exploits, Global Security News
Apple, Google, others join White House digital health data push
In what will later be seen as a highly significant move to unlock Apple’s ambitions in digital health, the Trump Administration has created a voluntary industry network of companies to make health data more interoperable. What this should mean is that data from different health providers will be more easily assimilated within any single trusted app…
Exploits, Global Security News
Ransomware up 179%, credential theft up 800%: 2025’s cyber onslaught intensifies
In the first six months of 2025, cybercriminals have already stolen billions of credentials, exploited thousands of vulnerabilities, and launched record-breaking ransomware attacks–leaving security teams and organizations worldwide scrambling to keep up. A Flashpoint midyear tally shows credential theft has jumped ninefold, vulnerability disclosures have risen 3.5 times, and ransomware incidents have nearly tripled. “In…
AI, Artificial Intelligence, ChatGPT, Cybersecurity, Exploits, Global Security News, Security
Browser Extensions Can Exploit ChatGPT, Gemini in ‘Man in the Prompt’ Attack
Man in the Prompt attack shows how browser extensions can exploit ChatGPT, Gemini and other AI tools to steal data or inject hidden prompts.
Exploits, Global Security News, Tutorials
Web Security Guide: Keeping Your Website Safe
Read this web security guide to learn how to keep your website safe. As the world becomes more digital, websites have become an essential part of our lives. They are used for e-commerce, education, entertainment, and information. However, with the rise of the internet, the number of cyber threats has also increased. Hackers can exploit…
Endpoint Protection, Security, Exploits, Global Security News
‘EDR-on-EDR Violence’: Hackers turn security tools against each other
Cybersecurity researchers have uncovered a troubling new attack vector where threat actors are weaponizing free trials of endpoint detection and response (EDR) software to disable existing security tools — a phenomenon they’ve dubbed “EDR-on-EDR violence.” Security researchers Ezra Woods and Mike Manrod have documented a phenomenon where attackers use one security product to systematically disable…
Cybercrime, Cybersecurity, Exploits, Global Security News, Google, Research, Technology
Project Zero disclosure policy change puts vendors on early notice
Google this week changed how it publicly discloses vulnerabilities in a bid to give defenders early details about new software defects it discovers, shortening the early window of time between a vendor releasing a patch and customers installing the security update. Project Zero, Google’s squad of security researchers who find and study zero-day vulnerabilities, will…
Exploits, Global Security News, Patch Management Software, Threat and Vulnerability Management, Zero-Day Vulnerabilities
32% of exploited vulnerabilities are now zero-days or 1-days
Patching windows for organizations keep shortening, as threat actors exploit important vulnerabilities increasingly faster. According to a recent report from VulnCheck, a third of flaws leveraged by attackers this year have been zero-days or 1-days. With so little advance warning, defenders must invest more in exploit detection and monitoring and ensure they keep on top of…
Apple, Breaking News, Exploits, Global Security News, hacking, Security
Apple fixed a zero-day exploited in attacks against Google Chrome users
Apple addressed a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. Apple released security updates to address a high-severity vulnerability, tracked as CVE-2025-6558 (CVSS score of 8.8), that has been exploited in zero-day attacks targeting Google Chrome users. The vulnerability is an insufficient validation of untrusted input in ANGLE and…
Exploits, Global Security News, Security
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ‘Alone,’ to achieve remote code execution and perform a full site takeover. […]
Apple, Exploits, Global Security News, Security
Apple patches security flaw exploited in Chrome zero-day attacks
Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. […]
Exploits, Global Security News
Game changer: How AI simplifies implementation of Zero Trust security objectives
As enterprises increasingly move workloads to private cloud for reasons such as performance and compliance and to leverage AI on-premises, security leaders face a critical challenge: implementing Zero Trust architecture at scale. While Zero Trust has become the gold standard for enterprise security, operationalizing it manually presents significant obstacles that AI can help overcome. Unlike…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
PyPI maintainers alert users to email verification phishing attack
PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email verification” to redirect users to fake package sites. PyPI warns of an active phishing attack using fake “[PyPI] Email verification” messages from noreply@pypj[.]org, aiming to lure users to spoofed PyPI sites. PyPI, short for the Python Package Index, is the official repository for Python…
Exploits, Global Security News
Third of Exploited Vulnerabilities Weaponized Within a Day of Disclosure
32.1% of vulnerabilities listed in VulnCheck’s Known Exploited Vulnerabilities catalog were weaponized before being detected or within the following day
Exploits, Global Security News, Government, Hacking, Microsoft SharePoint, Security
Again? Microsoft hit for poor security in major SharePoint hack
Once again, Microsoft software is at the center of a massive global attack that has victimized vital US government agencies and businesses around the world. This time, the security hole is in SharePoint, Microsoft’s widely used collaboration software used to build company and agency websites, manage files and documents, and help people share and work…
Breaking News, cyber crime, Exploits, Global Security News, hacking, malware
Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company
Hackers exploited a SAP NetWeaver bug to deploy upgraded Auto-Color Linux malware in an attack on U.S. chemicals firm. Cybersecurity firm Darktrace reported that threat actors exploited a SAP NetWeaver flaw, tracked as CVE-2025-31324, to deploy Auto-Color Linux malware in a U.S. chemicals firm attack. “In April 2025, Darktrace identified an Auto-Color backdoor malware attack…
Exploits, Global Security News
Google patches Gemini CLI tool after prompt injection flaw uncovered
It’s barely been out for a month and already security researchers have discovered a prompt injection vulnerability in Google’s Gemini command line interface (CLI) AI agent that could be exploited to steal sensitive data such as credentials and API keys from unwary developers. Gemini CLI integrates Google’s LLM with traditional command line tools such as…
Exploits, Global Security News, Security
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. […]
cyber attack, cyber attacks, Exploits, Global Security News, Security
Allianz Life Data Breach Hits 1.4 Million Customers
Allianz Life Insurance confirms a July 2025 data breach impacting 1.4 million customers, financial pros and employees. Learn how social engineering exploited a third-party CRM, the hallmarks of Scattered Spider tactics, and the broader risks of supply chain vulnerabilities.
Exploits, Global Security News
Auto-Color Backdoor Malware Exploits SAP Vulnerability
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324
cyber attack, cyber attacks, Exploits, Global Security News, malware, Security
SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm
Darktrace uncovers the first exploit of a critical SAP NetWeaver vulnerability (CVE-2025-31324) to deploy Auto-Color backdoor malware. Learn how this evasive Linux RAT targets systems for remote code execution and how AI-powered defence thwarts multi-stage attacks.
Exploits, Global Security News, Malware, Security, Vulnerabilities
Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack
Threat actors recently tried to exploit a freshly patched max-severity SAP NetWeaver flaw to deploy a persistent Linux remote access trojan (RAT) “Auto-Color.” According to a Darktrace report, a recent attack abused the flaw to set up a stealthy advanced-stage compromise but was shortly contained by its “autonomous response.” “In April 2025, Darktrace identified an…
Exploits, Global Security News
CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine
Hackers are actively exploiting two critical flaws in Cisco Identity Services Engine, said the US Cybersecurity and Infrastructure Security Agency
ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis, malware behavior
Major Cyber Attacks in July 2025: Obfuscated .LNK‑Delivered DeerStealer, Fake 7‑Zip, and More
While cybercriminals were working overtime this July, so were we at ANY.RUN — and, dare we say, with better results. As always, we’ve picked the most dangerous and intriguing attacks of the month. But this time, there’s more. Alongside the monthly top, we are highlighting a key trend that’s been powering campaigns throughout 2025: the…
cyber attack, cyber crime, Exploits, Global Security News, Security
How Scattered Spider Used Fake Calls to Breach Clorox via Cognizant
Specops Software’s analysis reveals how Scattered Spider’s persistent help desk exploitation cost Clorox $400 million. Understand the August 2023 breach, its operational disruption, and critical steps organisations must take to protect against similar social engineering threats.
Breaking News, Cyber warfare, Exploits, Global Security News, hacking, hacktivism
Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights
A cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled Aeroflot’s systems, canceling over 100 flights. On July 28, 2025, a cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled the systems of Russian state-owned carrier Aeroflot. Over 100 flights were cancelled following the attack, which also caused delays. The…
Apple, Breaking News, Exploits, Global Security News, hacking, Security
Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data
Microsoft found a macOS flaw letting attackers access private data from protected areas like Downloads and Apple Intelligence caches. Microsoft Threat Intelligence researchers discovered a macOS vulnerability that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC). Apple’s Transparency, Consent, and Control framework in macOS is designed…
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-20281 Cisco Identity Services Engine Injection Vulnerability…
cyber attack, cyber attacks, Exploits, Global Security News, Security
Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google
A new report from Google’s GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps.
Exploits, Global Security News, Security
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). […]
Exploits, Global Security News, Security
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. […]
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Threats
FBI alerts tie together threats of cybercrime, physical violence from The Com
The FBI released a trove of research on The Com last week, warning that the sprawling cybercriminal network of minors and young adults is growing rapidly and splintering into three primary subsets described by officials as Hacker Com, In Real Life Com and Extortion Com. The warnings lay out how The Com’s thousands of members,…
Exploits, Global Security News
New Scattered Spider Tactics Target VMware vSphere Environments
Scattered Spider has targeted VMware vSphere environments, exploiting retail, airline and insurance sectors
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Critical vulnerability in Post SMTP plugin risks full site takeover, over 400k sites use it, and nearly half remain unpatched. A critical vulnerability, tracked as CVE-2025-24000 (CVSS of 8.8) in the Post SMTP WordPress plugin, used by 400k sites, allows full site takeover. The plugin Post SMTP is an email delivery plugin that allows site owners…
Exploits, Global Security News, Malware, Security, Vulnerabilities
Chinese ‘Fire Ant’ spies start to bite unpatched VMware instances
Suspected China-aligned actors are running a new “Fire Ant” espionage campaign, active since early 2025, that targets VMware ESXi, vCenter servers, and F5 appliances to achieve stealthy hypervisor-level control. According to a Sygnia discovery, the campaign has been exploiting critical flaws in VMware environments to gain unauthenticated access to virtualization infrastructure and deploy persistent malware…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
Scattered Spider targets VMware ESXi using social engineering
Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus, Muddled Libra, Octo Tempest, and UNC3944) is targeting VMware ESXi hypervisors in retail, airline, and transportation sectors across North America. According to Google’s Mandiant team, the group…
