Hacking

<gwmw style="display: none; background-color: transparent;"></gwmw>Attackers deliver ShadowPad via newly patched WSUS RCE bug<gwmw style="display: none; background-color: transparent;"></gwmw>

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.…

8 months ago

Scattered Spider alleged members deny TfL charges

Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark…

8 months ago

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack

Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3…

8 months ago

Salesforce alerts users to potential data exposure via Gainsight OAuth apps

Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce…

8 months ago

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team…

8 months ago

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world…

8 months ago

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S.…

8 months ago

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

A remote code execution vulnerability, tracked as CVE-2025-11001, in the 7-Zip software is under active exploitation. A new 7-Zip flaw…

8 months ago

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog.…

8 months ago

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034, which attackers are actively exploiting. Fortinet patched a new FortiWeb zero-day,…

8 months ago

This website uses cookies.