Hacking

Critical Gogs zero-day under attack, 700 servers hacked

Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted…

7 months ago

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

Google fixed GeminiJack, a zero-click Gemini Enterprise flaw that could leak corporate data via crafted emails, invites, or documents, Noma…

7 months ago

Google fixed a new actively exploited Chrome zero-day

Google addressed three vulnerabilities in the Chrome browser, including a high-severity bug already exploited in the wild. Google released security…

7 months ago

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The…

7 months ago

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day<gwmw style="display:none;"></gwmw>

Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates…

7 months ago

Ivanti warns customers of new EPM flaw enabling remote code execution

Ivanti warns users to address a newly disclosed Endpoint Manager vulnerability that could let attackers execute code remotely. Software firm…

7 months ago

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish…

7 months ago

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite. Barts Health NHS…

7 months ago

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns. Multiple China-linked threat actors…

7 months ago

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

A hacking campaign is targeting GlobalProtect logins and scannig SonicWall APIs since December 2, 2025. A campaign began on December…

7 months ago

This website uses cookies.