Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)

Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked over 250 exploitation attempts targeting multiple stores on Wednesday, and ex…

Attackers target retailers’ gift card systems using cloud-only techniques

A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and e…

Attackers turn trusted OAuth apps into cloud backdoors

Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-priv…

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploi…

Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950)

Moxa has fixed 5 vulnerabilities in its industrial network security appliances and routers, including a remotely exploitable flaw (CVE-2025-6950) that may result in complete system compromise. There’s no mention of these flaws being exploited in …

China-linked Salt Typhoon hackers attempt to infiltrate European telco

Salt Typhoon, the China-linked APT group that has a penchant for targeting telecommunications companies, has been spotted trying to sneak into yet another one. The intrusion “Darktrace observed activity in a European telecommunications organisati…

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detectio…

Microsoft revokes 200 certs used to sign malicious Teams installers

By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In this campaign, Vanilla T…