Collaborate Disseminate
By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In this campaign, Vanilla T… Continue reading Microsoft revokes 200 certs used to sign malicious Teams installers
CISA has added CVE-2025-54253, a misconfiguration vulnerability in Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE), to its Known Exploited Vulnerabilities catalog, thus warning of detected in-the-wild exploitation. Adobe fixed the… Continue reading “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)
US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often lever… Continue reading F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-2499… Continue reading Microsoft patches three zero-days actively exploited by attackers
Oracle has revealed the existence of yet another remotely exploitable Oracle E-Business Suite vulnerability (CVE-2025-61884). About CVE-2025-61884 CVE-2025-61884 is a vulnerability in the Runtime user interface in the Oracle Configurator product of Ora… Continue reading Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)
Apple bug bounty program’s categories are expanding and rewards are rising, and zero-click exploit chains may now earn researchers up to $2 million. “Our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilit… Continue reading Apple offers $2 million for zero-click exploit chains
CVE-2025-11371, a unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by attackers in the wild. While Gladinet is aware of the vulnerability and of its acti… Continue reading Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-ba… Continue reading Legit tools, illicit uses: Velociraptor, Nezha turned against victims
The attackers who brute-forced their way into SonicWall’s firewall cloud backup service accessed configuration backup files of all customers who have used the service, SonicWall stated on Wednesday, following the conclusion of a Mandiant-supported inve… Continue reading Attackers compromised ALL SonicWall firewall configuration backup files
Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering… Continue reading Researchers uncover ClickFix-themed phishing kit