The Register reports: SonicWall on Monday confirmed that it’s investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs. “SonicWall is actively investigating a recent increase in reported cyber incidents involving a number of Gen 7 firewalls running various firmware versions with […]
The Indian Express reports: A cybersecurity researcher has identified critical vulnerabilities in an app developed by sex toy manufacturer Lovense that not only exposed the private email addresses of users but also enabled threat actors to hijack a user’s account on the platform. The anonymous researcher published their findings about the two in-app security flaws […]
The Hacker News reports: A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and remote code execution bug in Microsoft SharePoint Server that was […]
TechCrunch reports: Hackers are targeting a previously reported bug in the Signal clone app TeleMessage in an effort to steal users’ private data, according to security researchers and a U.S. government agency. TeleMessage, which earlier this year was revealed to be used by high-ranking officials in the Trump administration, already experienced at least one data breach in May. […]
Recorded Future reports: The federal cybersecurity watchdog ordered all civilian agencies to immediately patch a vulnerability impacting several NetScaler products used by organizations to manage network traffic. The Cybersecurity and Infrastructure Security Agency (CISA) added the bug — tracked as CVE-2025-5777 — to its catalog of known exploited vulnerabilities on Thursday afternoon but took the extraordinary step […]
Bleeping Computer reports: A critical NetScaler ADC and Gateway vulnerability dubbed “Citrix Bleed 2” (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices. Citrix Bleed 2, named by cybersecurity researcher Kevin Beaumont due to its similarity to the original Citrix Bleed (CVE-2023-4966), is […]
NetSec reports: The Qilin ransomware group has been noticed exploiting two critical vulnerabilities present in FortiOS/FortiProxy equipment. Although the group seems to be focusing on countries with Spanish language, it is likely that attacks exploiting these vulnerabilities will spread to other countries. The Qilin ransomware-as-a-service (RaaS) operation appeared in August 2022, known first as Agenda. Although it is not […]
The Record reports: Ransomware gangs have been exploiting a vulnerability in remote device control software SimpleHelp during a recent string of attacks, according to federal cybersecurity officials. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that CVE-2024-57727 — a vulnerability affecting SimpleHelp’s widely-used remote access tools — was exploited to “compromise customers of […]
TechRadar reports: A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses. A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect. It appears to originate from a legitimate OAuth-related URL, but covertly […]
GBHackers reports: Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the widely used SimpleHelp Remote Monitoring and Management (RMM) platform. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning that ransomware actors have leveraged these security gaps […]
