A new stealth backdoor has been discovered in the WordPress mu-plugins folder, granting attackers persistent access and control over compromised…
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S.…
Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities…
French authorities announced the arrest in Ukraine of an alleged administrator of the long-running cybercrime forum XSS.is. A joint investigation…
Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025. Microsoft confirmed…
Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed…
While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors.…
Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors…
Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices, let attackers to bypass authentication and access the web interface. HPE…
This website uses cookies.