Category: Exploits

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

Read more →

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

Read more →

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

Read more →

Vendor email compromise (VEC) attacks are bypassing traditional defenses by exploiting human trust rather than technical vulnerabilities, according to a new report by Abnormal AI. The data in the report shows that 72% of employees at large enterprises engaged with fraudulent vendor emails — replying or forwarding messages that contain no links or attachments. This…

Read more →

Vendor email compromise (VEC) attacks are bypassing traditional defenses by exploiting human trust rather than technical vulnerabilities, according to a new report by Abnormal AI. The data in the report shows that 72% of employees at large enterprises engaged with fraudulent vendor emails — replying or forwarding messages that contain no links or attachments. This…

Read more →

Vendor email compromise (VEC) attacks are bypassing traditional defenses by exploiting human trust rather than technical vulnerabilities, according to a new report by Abnormal AI. The data in the report shows that 72% of employees at large enterprises engaged with fraudulent vendor emails — replying or forwarding messages that contain no links or attachments. This…

Read more →

Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. “These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass,

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

Last week, Egidio Romano disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common commercially supported platforms to create a bulletin board. The vulnerability is remarkable as it exemplifies…

Read more →

The Google Chrome team issued an update to fix a high-severity vulnerability that is being actively exploited in the wild. The issue was also mitigated by a configuration change pushed out last Thursday to users of the stable Chrome version, which didn’t require a browser update. Google Chrome exploits are highly valuable commodities on the…

Read more →

The Google Chrome team issued an update to fix a high-severity vulnerability that is being actively exploited in the wild. The issue was also mitigated by a configuration change pushed out last Thursday to users of the stable Chrome version, which didn’t require a browser update. Google Chrome exploits are highly valuable commodities on the…

Read more →

The Google Chrome team issued an update to fix a high-severity vulnerability that is being actively exploited in the wild. The issue was also mitigated by a configuration change pushed out last Thursday to users of the stable Chrome version, which didn’t require a browser update. Google Chrome exploits are highly valuable commodities on the…

Read more →

Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible systems and execute arbitrary code. The vulnerability, tracked as CVE-2025-49113, carries a CVSS score of 9.9 out of 10.0. It has been described as a…

Read more →

A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz Threat Research revealed. Dubbed Jinx-0132 by researchers, the campaign has compromised systems globally with attackers deploying XMRig-based miners within minutes of breaching exposed APIs and weak configurations. This marks the…

Read more →

A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz Threat Research revealed. Dubbed Jinx-0132 by researchers, the campaign has compromised systems globally with attackers deploying XMRig-based miners within minutes of breaching exposed APIs and weak configurations. This marks the…

Read more →

A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz Threat Research revealed. Dubbed Jinx-0132 by researchers, the campaign has compromised systems globally with attackers deploying XMRig-based miners within minutes of breaching exposed APIs and weak configurations. This marks the…

Read more →

Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419 (CVSS score: 8.8), and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly…

Read more →

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

Read more →

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

Read more →

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

Read more →

Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations…

Read more →

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly disclosed to the company by the Google Android Security team, are listed below – CVE-2025-21479 and CVE-2025-21480 (CVSS score: 8.6) – Two incorrect authorization vulnerabilities…

Read more →

A “highly active” Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive sectors.

Read more →

A “highly active” Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive sectors.

Read more →

A “highly active” Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive sectors.

Read more →

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It’s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that…

Read more →

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to allow e-commerce site customers to save their favorite products for later and share the lists…

Read more →

Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as opposed to just the files selected for upload via the tool. “This stems from overly broad OAuth scopes and misleading consent screens that fail to clearly explain…

Read more →

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware. The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched…

Read more →

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The activity, observed by GreyNoise on May 8, 2025, involved as many as 251 malicious IP addresses that are all geolocated to Japan and hosted by Amazon. “These IPs triggered 75 distinct behaviors, including CVE…

Read more →

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The company said the App Store is confronted by a wide range of threats that seek to defraud users in various ways, ranging from “deceptive apps designed to steal…

Read more →