Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr satellite, hijacking state TV to broadcast Crown Prince Reza Pahlavi’s calls for protests against the Islamic Republic. Pahlavi’s media team also shared the footage of the hack. “Several Iranian…
Category: hacking
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Gogs 0-Day Exploited in the Wild SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment “Untrustworthy Fund”: targeted UAC-0190 cyberattacks against SOU using PLUGGYAPE (CERT-UA#19092) Hiding in Plain Sight: Deconstructing the Multi-Actor…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure…
Breaking News, cyber crime, Europe, Global Security News, hacking, malware
Ukraine–Germany operation targets Black Basta, Russian leader wanted
Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law enforcement also issued an international wanted notice for the group’s alleged Russian ringleader. “The Office of…
APT, Breaking News, china, Exploits, Global Security News, hacking, Security
China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug
Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco fixed a critical AsyncOS flaw, tracked as CVE-2025-20393 (CVSS score of 10.0), affecting Secure Email Gateway and Email and Web Manager, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco detected attacks…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover
A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Threat actors are actively exploiting a critical Modular DS WordPress vulnerability tracked as CVE-2026-23550 (CVSS score of 10). Modular DS is a WordPress plugin with over 40,000 installs that helps manage multiple sites, enabling monitoring, updates, and remote administration. In plugin…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
A ransomware attack disrupted operations at South Korean conglomerate Kyowon
South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in…
Artificial Intelligence, Breaking News, Global Security News, hacking, information security news, Security
Palo Alto Networks addressed a GlobalProtect flaw, PoC exists
Palo Alto Networks addressed a flaw impacting GlobalProtect Gateway and Portal, for which a proof-of-concept (PoC) exploit exists. Palo Alto Networks addressed a high-severity vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7), affecting GlobalProtect Gateway and Portal, for which a proof-of-concept (PoC) exploit exists. GlobalProtect is Palo Alto Networks’ VPN and secure remote-access solution. It gives users a…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Windows vulnerability, tracked as CVE-2026-20805 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft Patch Tuesday security updates for January 2026 release…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium…
Breaking News, cyber crime, Global Security News, hacking, Security
AZ Monica hospital in Belgium shuts down servers after cyberattack
A cyberattack hit AZ Monica hospital in Belgium, forcing it to shut down servers, cancel procedures, and transfer critical patients. A cyberattack forced Belgian hospital AZ Monica to shut down all servers, cancel scheduled procedures, and transfer critical patients. AZ Monica is a Belgian general hospital network operating two campuses in Antwerp and Deurne, providing…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Threat actor claims the theft of full customer data from Spanish energy firm Endesa
Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a…
Breaking News, CISA, Exploits, Global Security News, Gogs, hacking, Security
U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Gogs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Gogs path traversal vulnerability, tracked as CVE-2025-8110 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Gogs (Go Git Service) is a lightweight, open-source, self-hosted Git service written…
Breaking News, Global Security News, hacking, information security news, Instagram, Security
Meta fixes Instagram password reset flaw, denies data breach
Meta fixed an Instagram password reset flaw that let third parties send reset emails, while denying a data breach despite leak claims. Meta confirmed fixing an Instagram password reset vulnerability that allowed third parties to trigger reset emails, while denying any breach despite claims of leaked user data. “We fixed an issue that let an…
APT, Breaking News, Europe, Global Security News, hacking, intelligence, Security
Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations
Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and September 2025, Recorded Future’s Insikt Group observed Russia-linked group APT28 (aka UAC-0001, Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) running credential-harvesting campaigns. Targets included Turkish energy and nuclear agency staff, European think tank personnel, and organizations…
Breaking News, Global Security News, hacking, hacktivism, Security
The ideals of Aaron Swartz in an age of control
Today marks Aaron Swartz ’s death anniversary. His fight for open knowledge and digital rights continues as the forces he opposed grow stronger. Today marks the anniversary of the death of Aaron Swartz (Chicago, November 8, 1986 – New York, January 11, 2013), a figure whose life, work, and ideals continue to shape the internet,…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A massive breach exposed data of 17.5M Instagram users North Korea–linked APT Kimsuky behind quishing attacks,…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals
Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS ) disclosed a data breach after misconfigured privacy settings exposed personal and health data of nearly 700,000 residents. On September 22, 2025, IDHS discovered that internal maps meant…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
Trend Micro fixed a remote code execution in Apex Central
Trend Micro fixed three Apex Central flaws discovered by Tenable that could allow remote code execution or denial-of-service attacks. Trend Micro patched three flaws (CVE-2025-69258, CVE-2025-69259, CVE-2025-69260) in its Apex Central management console after Tenable disclosed details and PoC code. The researchers discovered the vulnerabilities in August 2025, which could enable remote code execution or denial-of-service attacks.…
Breaking News, Global Security News, hacking, hacking news, intelligence, Security
Iran cuts Internet nationwide amid deadly protest crackdown
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as protests spread across multiple cities. Security forces responded with a violent crackdown that reportedly killed dozens. Demonstrations continued despite the blackout, with shops closing…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
Breaking News, ESXI, Exploits, Global Security News, hacking, hacking news, Security
Chinese-speaking hackers exploited ESXi zero-days long before disclosure
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hacked SonicWall VPN to deliver a toolkit targeting VMware ESXi. The exploit chain included a sophisticated VM escape and appears to have been developed more than a year…
Breaking News, cisco, Exploits, Global Security News, hacking, Security
Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) after a public PoC exploit was disclosed. The vulnerability resides in the licensing feature of Cisco ISE…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2009-0556 Microsoft Office PowerPoint Code Injection Vulnerability…
Global Security News, hacking, information security news, IT Information Security, Security
Ni8mare flaw gives unauthenticated control of n8n instances
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered a maximum severity n8n vulnerability, tracked as CVE-2026-21858 (CVSS score of 10.0). The flaw, dubbed Ni8mare by Cyera researchers who discovered the vulnerability, lets unauthenticated attackers fully compromise affected instances. n8n is a workflow automation…
bec, Exploits, Global Security News, hacking, information security news, IT Information Security, Security
Misconfigured email routing enables internal-spoofed phishing
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails appearing internal, using PhaaS platforms like Tycoon2FA to steal credentials. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Veeam resolves CVSS 9.0 RCE flaw and other security issues
Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, including a critical RCE vulnerability tracked as CVE-2025-59470 (CVSS score of 9.0). A Backup or Tape Operator can achieve remote code execution as the postgres user by abusing…
Breaking News, Exploits, Global Security News, hacking, internet of things, Security
Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers. The vulnerability is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’),…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200
CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606, in the TOTOLINK EX200 range extender that lets a remote authenticated attacker fully take over the device. The TOTOLINK EX200 is a compact Wi-Fi range extender…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, hacking news
Resecurity Went on the Cyber Offensive – When ‘Shiny Objects’ trick ‘Shiny Hunters’
Resecurity released 105 pages with 1,000+ messages tied to hacker John Erin Binns, detailing contacts with an unnamed woman in Turkey and an associate called “S.M.” Resecurity released 105 pages containing over 1,000 messages related to John Erin Binns, a hacker who is currently not in U.S. custody, and sent a “warm hello” to an…
APT, Exploits, Global Security News, hacking, hacking news, intelligence, malware
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Russia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. “Recent monitoring data from the 360 Advanced…
Breaking News, cyber crime, Global Security News, hacking, Security
The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act
Ilya Lichtenstein, who was sentenced to prison for his role in the Bitfinex hack that occurred in 2016, has been released from prison early. Ilya Lichtenstein (38), convicted for the hack of the cryptocurrency stock exchange Bitfinex in 2016, has been released from prison early. A Trump administration official told CNBC that Lichtenstein served significant prison time…
Breaking News, cyber crime, Global Security News, hacking, hacking news, Security
Resecurity Caught ShinyHunters in Honeypot
Resecurity caught ShinyHunters (SLH) using decoy accounts; the group attacked airlines, telecoms, and law enforcement in Sept 2025. In an interesting development, Resecurity has caught actors known as “ShinyHunters” or “Scattered Lapsus$ Hunters” (SLH) leveraging honeypot (decoy) accounts. The company was one of the first to release a public report detailing the group’s activities in September…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. French authorities investigate AI ‘undressing’ deepfakes on X Thousands of ColdFusion exploit attempts spotted during Christmas…
Breaking News, cyber crime, Cybercrime, Global Security News, Google Cloud Application, hacking, North America
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaign that abuses Google Cloud Application Integration to send emails impersonating legitimate Google messages. The attack uses layered redirection with trusted cloud services, user validation checks, and brand impersonation to…
Breaking News, Exploits, Global Security News, hacking, Security
IBM warns of critical API Connect bug enabling remote access
IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025-13915 (CVSS score of 9.8) that allows remote access via an authentication bypass. API Connect is IBM’s API management platform. It’s used by organizations to create, secure, manage,…
Breaking News, Crypto, cyber crime, Global Security News, hacking, Security
Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen
Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-chain attack to its Chrome extension hack, which resulted in the theft of about $8.5 million in crypto assets. The investigation reveals that the attacker independently developed…
Cybercrime, Exploits, Global Security News, hacking, hacking news, Uncategorized
React2Shell under attack: RondoDox Botnet spreads miners and malware
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw (CVE-2025-55182) to drop malware and cryptominers on vulnerable Next.js servers. “CloudSEK’s report details a persistent nine-month RondoDoX botnet campaign targeting IoT devices and web applications. Recently, the…
Breaking News, cyber crime, data breach, Europe, Global Security News, hacking, Security
ESA disclosed a data breach, hackers breached external servers
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a threat actor offered to sell data allegedly stolen from the organization. A hacker who goes online with the moniker “888” announced on BreachForums the…
Asia Pacific, Breaking News, Global Security News, hacking, hacking news, Security
Singapore CSA warns of maximun severity SmarterMail RCE flaw
Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore (CSA) warns of a maximum severity flaw, tracked as CVE-2025-52691 (CVSS score of 10.0), in SmarterMail. The vulnerability enables unauthenticated remote code execution via arbitrary file upload. “Successful exploitation of the…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed), was disclosed right after Christmas, an unwelcome “gift” for the cybersecurity community, impacting MongoDB Server deployments that use zlib network compression. MongoDB is a popular open-source NoSQL database used to store and manage data…
Breaking News, Cybercrime, Global Security News, hacking, Security
Coupang announces $1.17B compensation plan for 33.7M data breach victims
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to compensate 33.7 million people affected by a recent data breach, providing purchase vouchers to impacted users. “Coupang plans to provide customers with purchase vouchers worth…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB Server vulnerability, tracked as CVE-2025-14847 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. The recently disclosed MongoDB vulnerability CVE-2025-14847 (aka MongoBleed) is being actively exploited, with more…
Breaking News, cyber crime, data breach, Exploits, Global Security News, hacking, Security
Korean Air discloses data breach after the hack of its catering and duty-free supplier
Korean Air employee discloses a data breach after a hack of its catering and duty-free supplier, KC&D, affecting thousands of staff. Korean Air suffered a data breach after its in-flight catering supplier Korean Air Catering & Duty-Free (KC&D) was hacked, exposing personal data of ~30,000 employees of Korean Air employees. Korean Air is South Korea’s…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
MongoBleed flaw actively exploited in attacks in the wild
A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide. A newly disclosed MongoDB vulnerability, tracked as CVE-2025-14847 (aka MongoBleed, CVSS score of 8.7), is being actively exploited, with more than 87,000 potentially vulnerable instances identified worldwide. Cybersecurity researcher Joe Desimone published a proof-of-concept exploit for this vulnerability…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. LangChain core vulnerability allows prompt injection and data exposure NPM package with 56,000 downloads compromises WhatsApp…
Artificial Intelligence, Breaking News, Global Security News, hacking, information security news, Security
LangChain core vulnerability allows prompt injection and data exposure
A critical flaw in LangChain Core could allow attackers to steal sensitive secrets and manipulate LLM responses via prompt injection. LangChain Core (langchain-core) is a key Python package in the LangChain ecosystem that provides core interfaces and model-agnostic tools for building LLM-based applications. A critical vulnerability, tracked as CVE-2025-68664 (CVSS score of 9.3), affects the…
Breaking News, Cybercrime, Global Security News, hacking, hacking news, malware
NPM package with 56,000 downloads compromises WhatsApp accounts
An NPM package with over 56,000 downloads stole WhatsApp credentials, hid its activity, and installed a backdoor. Koi Security researchers warned that the NPM package ‘Lotusbail’, a WhatsApp Web API library and fork of ‘Baileys’, has been stealing users’ credentials and data. The package has been available for six months and has had over 56,000…
Breaking News, Crypto, cyber crime, Exploits, Global Security News, hacking
Trust Wallet warns users to update Chrome extension after $7M security loss
Trust Wallet urged users to update its Chrome extension after a security incident caused about $7 million in losses. Trust Wallet warned users to update its Google Chrome extension after a security incident that resulted in about $7 million in losses. The flaw affects version 2.68 of the multi-chain, non-custodial wallet, which has around one…
Breaking News, Global Security News, hacking, hacking news, hacktivism, Security
Pro-Russian group Noname057 claims cyberattack on La Poste services
Pro-Russian hacking group Noname057 claimed responsibility for the cyberattack that recently disrupted La Poste’s digital banking and online services. This week, the French national postal service La Poste confirmed a major cyber incident had knocked its information systems offline, disrupting digital banking and online services for millions of customers. On social media, La Poste said…
Breaking News, cyber crime, data breach, Global Security News, hacking
Aflac confirms June data breach affecting over 22 million customers
A June data breach exposed the personal information of more than 22 million Aflac customers, the company confirmed. A data breach in June exposed the information of more than 22 million Aflac customers, according to a new statement from the insurance giant. The company detected suspicious activity on a limited number of systems in June…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Spotify cracks down on unlawful scraping of 86 million songs
Spotify shut down accounts after Anna’s Archive scraped and published data on 86 million songs, confirming action against unlawful scraping. Spotify disabled user accounts after an open-source group published files containing 86 million songs scraped from the platform. The group, Anna’s Archive, said it found a method to extract Spotify files and released a database…
Breaking News, Exploits, Fortinet, Global Security News, hacking, Security
Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited
Fortinet reported active exploitation of a five-year-old FortiOS SSL VPN flaw, abused in the wild under specific configurations. Fortinet researchers observed “recent abuse” of a five-year-old security vulnerability, tracked as CVE-2020-12812 (CVSS score: 5.2), in FortiOS SSL VPN. The vulnerability is exploited in attacks in the wild under certain configurations. CVE-2020-12812 is an improper authentication flaw…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover
MongoDB addressed a high-severity vulnerability that can be exploited to achieve remote code execution on vulnerable servers. MongoDB addressed a high-severity vulnerability, tracked as CVE-2025-14847 (CVSS score 8.7), an unauthenticated, remote attacker can exploit the issue to execute arbitrary code on vulnerable servers. “An client-side exploit of the Server’s zlib implementation can return uninitialized heap…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
FBI seized ‘web3adspanels.org’ hosting stolen logins
The U.S. seized the ‘web3adspanels.org’ domain and database used by cybercriminals to store stolen bank login credentials. The FBI seized the domain web3adspanels[.]org and its database after cybercriminals used it to store bank login credentials stolen from U.S. victims. A criminal group ran fake ads on Google and Bing that mimicked real bank advertisements. Victims…
Breaking News, DDoS, Europe, France, Global Security News, hacking, Security
La Poste outage after a cyber attack disrupts digital banking and online services
La Poste said a major network incident took its systems offline, disrupting digital banking and online services for millions of users. The French national postal service La Poste confirmed a major cyber incident had knocked its information systems offline, disrupting digital banking and online services for millions of customers. Les services essentiels de la banque…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Red Hat GitLab breach exposes data of 21,000 Nissan customers
Hackers breached Red Hat’s GitLab, stealing data of 21,000 customers; Nissan confirmed exposure via a self-managed GitLab instance. Japanese carmaker Nissan disclosed a data breach tied to a self-managed GitLab instance used by Red Hat Consulting. Threat actors gained access to the GitLab instance, stealing data from 21,000 customers. In October, the Crimson Collective claimed…
Exploits, Global Security News, hacking, hacking news, information security news, IT Information Security, Security
Critical n8n flaw could enable arbitrary code execution
A critical flaw in the n8n automation platform could allow attackers to execute arbitrary code if exploited under specific conditions. Researchers warn that a critical vulnerability, tracked as CVE-2025-68613 (CVSS score of 9.9), in the n8n workflow automation platform could allow attackers to achieve arbitrary code execution under certain circumstances. The package gets about 57,000 downloads per week,…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Why Third-Party Access Remains the Weak Link in Supply Chain Security
Attackers exploited a supply chain weakness, abusing trusted components to compromise systems and spread malicious activity across connected targets. Your next breach probably won’t start inside your network—it will start with someone you trust. Every supplier, contractor, and service provider needs access to your systems to keep business running, yet each login is a potential…
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Digiever DS-2105 Pro vulnerability, tracked as CVE-2023-52163 (CVSS Score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. Digiever DS-2105 Pro is a network video recorder (NVR) device designed…
Breaking News, cyber crime, Global Security News, hacking, malware, Security
Romanian Waters confirms cyberattack, critical water operations unaffected
Romania’s national water management authority, Romanian Waters, was hit by a ransomware attack over the weekend. Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, suffered a ransomware attack over the weekend. According to the National Cyber Security Directorate (DNSC), the incident affected around 1,000 computer systems across the central organization and 10…
APT, Breaking News, Cyber warfare, Europe, Global Security News, hacking, intelligence
Infy Returns: Iran-linked hacking group shows renewed activity
Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renewed activity from the Iran-linked APT group Infy, also known as Prince of Persia, nearly five years after its last known campaigns in Europe. SafeBreach warns the group remains…
Breaking News, Global Security News, hacking, hacking news, information security news, Security
Waymo suspends service after power outage hit San Francisco
Waymo temporarily halted its San Francisco robotaxi service after a major blackout left multiple autonomous vehicles stranded on city streets. Waymo temporarily halted its robotaxi service in San Francisco after a widespread blackout caused multiple autonomous vehicles to stall on city streets. “We have temporarily suspended our ride-hailing services in the San Francisco Bay Area…
Breaking News, cyber crime, Global Security News, hacking, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks Operation MoneyMount-ISO — Deploying Phantom Stealer via ISO-Mounted Executables Inside GhostPoster: How a PNG Icon Infected 50,000 Firefox Users…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ATM Jackpotting ring busted: 54 indicted by DoJ U.S. CISA adds a flaw in WatchGuard Fireware…
Breaking News, cyber crime, Global Security News, hacking, malware, North America
ATM Jackpotting ring busted: 54 indicted by DoJ
The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole millions via malware. The case links the crimes to the cybercrime group Tren de Aragua, including charges of fraud, money laundering, and material support to a…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a WatchGuard Fireware OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a WatchGuard Firebox OS vulnerability, tracked as CVE-2025-14733 (CVSS Score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. This flaw is a critical out-of-bounds write vulnerability in WatchGuard Fireware…
Breaking News, Cyber warfare, Europe, Global Security News, hacking, intelligence
Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says
Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orchestrating destructive cyberattacks against a water utility in 2024, framing them as part of broader hybrid attacks on Western critical infrastructure. Denmark’s Defence Intelligence Service attributed a…
Breaking News, cyber crime, Exploits, Global Security News, hacking, malware, Security
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign
The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign aimed at stealing sensitive data from organizations worldwide. Gladinet CentreStack is a software platform that allows organizations to turn their existing file servers,…
Breaking News, Global Security News, hacking, hacking news, information security news, Security
ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks
A new UEFI flaw exposes some ASRock, ASUS, GIGABYTE, and MSI motherboards to early-boot DMA attacks, bypassing IOMMU protections. Researchers warn of a new UEFI vulnerability that affects select ASRock, ASUS, GIGABYTE, and MSI motherboards, enabling early-boot DMA attacks that bypass IOMMU protections. UEFI (Unified Extensible Firmware Interface) is the modern firmware standard that initializes…
APT, Breaking News, Cyber warfare, Exploits, Global Security News, hacking, Security
China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco disclosed a critical zero-day (CVE-2025-20393) in Secure Email Gateway and Secure Email and Web Manager, actively exploited by a China-linked group. Cisco disclosed a critical zero-day, tracked as CVE-2025-20393, in Secure Email Gateway and Secure Email/Web Manager, which is actively exploited by a China-linked threat group. Cisco reported a December 10 campaign targeting certain…
Breaking News, Exploits, Global Security News, hacking, hacking news, HPE, Security
Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw
Hewlett Packard Enterprise (HPE) fixed a critical OneView flaw that could allow attackers to achieve remote code execution. Hewlett Packard Enterprise (HPE) addressed a maximum-severity security vulnerability, tracked as CVE-2025-37164 (CVSS score of 10.0), in OneView Software. An attacker can exploit the flaw to achieve remote code execution. HPE OneView is an integrated IT management…
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-20393 (CVSS score of 10.0) Cisco Multiple…
Breaking News, cyber crime, Cybercrime, Exploits, GhostPairing, Global Security News, hacking
GhostPairing campaign abuses WhatsApp device linking to hijack accounts
Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a campaign dubbed GhostPairing, without requiring authentication. Gen Digital first observed the GhostPairing campaign in Czechia, but warns that it can spread globally via compromised accounts. The…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
SonicWall warns of actively exploited flaw in SMA 100 AMC
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
Breaking News, Europe, ferry Fantastic, Global Security News, hacking, intelligence, Security
GNV ferry fantastic under cyberattack probe amid remote hijack fears
French prosecutors probe a suspected cyberattack on GNV ferry Fantastic, raising concerns of a possible remote hijack. French prosecutors are investigating a suspected cyberattack on the GNV ferry Fantastic, raising fears of a potential remote hijack. The ferry Fantastic sails between Sète and North Africa, and French authorities are investigating a suspected attempt to compromise…
APT, Breaking News, Cyber warfare, Exploits, Global Security News, hacking, intelligence
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021–2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the…
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability, tracked as CVE-2025-59718 (CVSS Score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1),…
Breaking News, Global Security News, hacking, hacking news, information security news, North America, Security
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations
A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cyberattack over the weekend that disrupted export operations. The company says the incident only affected some administrative systems and did not impact operations. “Thanks to the expertise…
Breaking News, Exploits, Global Security News, hacking, Security
Hackers are exploiting critical Fortinet flaws days after patch release
Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), in Fortinet products days after patch release, Arctic Wolf warns. Last week, Fortinet addressed 18 vulnerabilities, including the two flaws…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity
Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters allegedly stole search and viewing history of Premium users via a Mixpanel data breach. Mixpanel is a product analytics platform that companies use to understand how people interact…
Breaking News, Europe, France, Global Security News, hacking, intelligence, Security
French Interior Minister says hackers breached its email servers
The French interior minister confirmed that a cyberattack breached the Interior Ministry, compromising its email servers. The French Interior Minister Laurent Nunez announced on Friday that threat actors compromised email servers at the Ministry of the Interior. The attack was detected overnight between December 11 and 12, and according to the French interior minister, attackers…
Apple, Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-43529 – Apple Multiple…
Breaking News, Global Security News, hacking, Security
Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika
Atlassian released security updates to address dozens of flaws, including multiple critical-severity vulnerabilities. Atlassian addressed dozens of vulnerabilities impacting its products, including multiple critical-severity issues. One of the most severe bugs is a maximum-severity XML External Entity (XXE) injection flaw, tracked as CVE-2025-66516 (CVSS score of 10/10), in Apache Tika. CVE-2025-66516 carries a maximum CVSS rating…
Exploits, Global Security News, hacking, Mobile, Reports, Security
CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use
The CERT-FR (French Computer Emergency Response Team) is advising iPhone and Android users to fully disable Wi-Fi to reduce risk. CERT-FR warns iPhone and Android users to fully disable Wi-Fi to reduce exposure, citing multiple vulnerabilities across wireless interfaces, apps, OSs, and even hardware. The agency reiterates basic hygiene: install apps only from official stores, review…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found an unsecured 16TB database containing 4.3B professional records Germany calls in Russian Ambassador over…
Breaking News, Chrome, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1, 2] Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-14174 Google Chromium Out-of-Bounds…
Apple, Breaking News, Exploits, Global Security News, Google, hacking, Mobile
Emergency fixes deployed by Google and Apple after targeted attacks
Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates after uncovering a highly targeted attacks against an unknown number of users. The attacks abused zero‑day vulnerabilities in their software. The campaign appears to involve nation-state…
Asia Pacific, Breaking News, Global Security News, hacking, hacking news, information security news, Security
Notepad++ fixed updater bugs that allowed malicious update hijacking
Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic due to weak file authentication. Notepad++ addressed a flaw in its updater that allowed attackers to hijack update traffic due to improper authentication of update files in earlier versions. The popular security researcher Kevin Beaumont first reported that several Notepad++ users faced security incidents.…