From the Google Threat Intelligence Group: Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its developers, contained five full iOS exploit chains and a total of […]
The Record reports: A Chinese state-backed hacking group is targeting Dell customers with a zero-day vulnerability impacting a popular line of operational and disaster recovery tools. Dell and Google released notices on Tuesday about CVE-2026-22769, warning that a sophisticated Chinese actor has been targeting the bug since at least mid-2024. Dell’s advisory said the vulnerability carries a […]
The Record reports: A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers, allowing them to silently redirect some users to malicious update servers, the project’s developers announced on Monday. In a security update posted on the project’s website, the development team said the attack did not exploit a flaw […]
The Record reports: State-backed hackers in China are exploiting a vulnerability impacting a popular open-source tool built into thousands of widely-used digital products, according to new reports. The tool, React Server Components, was maintained by Meta for many years and now is embedded in 50 million websites and products built by countless major firms. The bug, tagged […]
The Record reports: Security researchers on Friday revealed the discovery of “commercial grade” spyware used in a 9-month-long hacking campaign aimed at Samsung Galaxy phones likely concentrated in the Middle East. The Android spyware, dubbed LANDFALL, exploited a zero-day, or previously undocumented, vulnerability in Galaxy phones’ image processing libraries. The spyware was likely sent via […]
As seen on a Russian-language hacking forum, this news report: A major vulnerability exploitation campaign has hit WordPress sites: attackers are targeting resources running the GutenKit and Hunk Companion plugins, which are vulnerable to critical vulnerabilities that allow arbitrary code execution on the server. Wordfence , a WordPress security company, recorded 8.7 million attack attempts in just two days—October […]
Cyber Press reports: Cisco Talos has identified a sophisticated technique employed by the Qilin ransomware group, in which threat actors leverage legitimate Windows utilities, specifically MSPaint and Notepad, to inspect and locate high-sensitivity information across compromised networks manually. […] During the credential access and exfiltration phase, attackers execute a comprehensive credential-harvesting workflow using tools such […]
The Hacker News reports: Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the […]
GP Blog reports: An FIA website containing sensitive information and documents relating to drivers, including Max Verstappen, has been hacked. Whilst this was not a malicious hacking attempt, the hackers were able to access sensitive personal information of any driver they chose. The FIA’s Driver Categorisation website contains the details of almost 7,000 drivers. The hackers, who breached […]
Bleeping Computer reports: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. “Harvard is aware of reports that data associated with the University has been obtained […]
