information security news

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacksSuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at…

3 weeks ago
U.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalogU.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog. The…

3 weeks ago
GitLab addressed critical auth bypass flaws in CE and EEGitLab addressed critical auth bypass flaws in CE and EE

GitLab addressed critical auth bypass flaws in CE and EE

GitLab addressed two critical authentication bypass vulnerabilities in Community Edition (CE) and Enterprise Edition (EE). GitLab released security updates to…

3 weeks ago
North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpyNorth Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. North Korea-linked…

3 weeks ago
Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilitiesExperts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities

Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities

Researchers warn of a "coordinated surge" in the exploitation attempts of SSRF vulnerabilities in multiple platforms. Threat intelligence firm GreyNoise…

3 weeks ago
Meta warns of actively exploited flaw in FreeType libraryMeta warns of actively exploited flaw in FreeType library

Meta warns of actively exploited flaw in FreeType library

Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild. Meta warned that…

3 weeks ago
Medusa ransomware hit over 300 critical infrastructure organizations until February 2025Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The…

3 weeks ago
China-linked APT UNC3886 targets EoL Juniper routersChina-linked APT UNC3886 targets EoL Juniper routers

China-linked APT UNC3886 targets EoL Juniper routers

Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified…

3 weeks ago
U.S. CISA adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalogU.S. CISA adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity…

3 weeks ago
Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-daysMicrosoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Microsoft Patch Tuesday security updates for March 2025 address 56 security vulnerabilities in its products, including six actively exploited zero-days.…

3 weeks ago