Category: Exploits

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat actor has been observed exploiting a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers (CVE-2023-20118) to corral them…

Read more →

Threat actors are increasingly exploiting vulnerabilities to attack critical infrastructure systems. Critical infrastructure organizations accounted for 70% of all attacks that IBM X-Force responded to last year, with more than one quarter of those attacks carried out using vulnerability exploitation. “Over the past year, we observed a continued shift towards identity attacks across all sectors,…

Read more →

The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims’ data.

Read more →

Malware campaign exploiting TikTok’s popularity has been observed using social engineering to spread Vidar and StealC

Read more →

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. “UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access,” Cisco Talos researchers

Read more →

A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). “The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement,” Akamai security researcher…

Read more →

Researchers have discovered a new attack path in Active Directory (AD) environments that use Windows Server 2025 in default configuration. By exploiting the weakness, attackers can compromise any user in the environment leading to a full domain compromise. “This issue likely affects most organizations that rely on AD,” Akamai researcher Yuval Gordon wrote in a…

Read more →

Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present by default.

Read more →

A new equation introduced by the National Institute of Standards and Technology (NIST) aims to offer a mathematical likelihood that a vulnerability has been exploited in the wild.

Read more →

A hacker exploiting the security flaw in the mobile provider’s network could have potentially located a call recipient with accuracy of up to 100 square meters.

Read more →

Security is evolving because attackers already have. The rise in threats facing IT teams today is not random. It reflects how profitable cybercrime has become. While the global illicit drug trade is estimated at up to 652 billion dollars a year, cybercrime costs the world an estimated 9.5 trillion dollars in 2024. If cybercrime were…

Read more →

A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.

Read more →

Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. “Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware…

Read more →

Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below – CVE-2025-4918 – An out-of-bounds access vulnerability when resolving Promise objects…

Read more →

Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), “can be…

Read more →

Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit vulnerabilities within hours. Yet most organizations take days…

Read more →

CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild.

Read more →

Chrome users are advised to update their browser immediately to fix a critical vulnerability that is being exploited to launch account takeover attacks. In some environments, this could even give attackers the ability to bypass multi-factor authentication (MFA). The recently-reported vulnerability, one of four fixed in a Wednesday update, is tracked as CVE-2025-4664 and affects…

Read more →

As threat actors continue to hop on the train of exploiting CVE-2025-31324, researchers are recommending that SAP administrators patch as soon as possible so that they don’t fall victim next.

Read more →

The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004

Read more →

Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before being finally detected. This situation isn’t theoretical: it

Read more →

The US Consumer Financial Protection Bureau has withdrawn a proposed rule that would have restricted data brokers from selling US citizens’ personal and financial information.   The decision, announced Wednesday in the Federal Register, marks a significant reversal in consumer privacy protection efforts and raises serious concerns about the security of sensitive personal data.  “With the…

Read more →

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently disclosed how threat actors misused its Quick Assist remote assistance tool to deploy the destructive

Read more →

The smartphone revolution was supposed to provide a second chance for the tech industry to roll out a secure computing platform. These new devices were purported to be locked down and immune to malware, unlike buggy PCs and vulnerable servers. But it turns out that phones are still computing devices and their users are still people,…

Read more →

Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. “Insufficient policy enforcement…

Read more →

The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against “a very limited number of customers” — for now — and stem from open source libraries.

Read more →

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. “Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version…

Read more →

At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and…

Read more →

Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical

Read more →

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%.  As attacks rise

Read more →

Microsoft has patched seven zero-day bugs, five of which were exploited in the wild

Read more →

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in…

Read more →

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0. “A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker…

Read more →

Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft

Read more →

A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. “These exploits have resulted in a collection of related user data from targets in Iraq,” the Microsoft Threat Intelligence team said. “The targets of the attack…

Read more →

Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff…

Read more →

ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that’s designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by…

Read more →

The FBI is warning that cybercriminals are exploiting end-of-life (EOL) routers that are no longer being patched by manufacturers. Specifically, the “5Socks” and “Anyproxy” criminal networks are using publicly available exploits and injecting persistent malware to gain entry to obsolete routers from Linksys, Cisco and Cradlepoint. Once compromised, the devices are added to residential proxy…

Read more →

Your ultimate goal shouldn’t be security perfection — it should be making exploitation of your organization unprofitable.

Read more →