A wave of product vulnerabilities hits security vendors and enterprise software
Numerous vendors disclosed severe flaws across the security and enterprise software stack, including Zoom, FortiSandbox, FreeRDP, NGINX, SAP, Adobe, Siemens, Schneider Electric, and Ivanti. Some of these issues were remote or unauthenticated, while others could expose internal analysis environments or enable code execution. Zoom fixed a critical Windows account-takeover flaw, Fortinet patched a VNC exposure in FortiSandbox, and CISA and…
Leggi l'articolo →A rash of CMS and Joomla flaws is being actively exploited for webshell and file-upload attacks
Australia's Signals Directorate warned that attackers are mounting a broad campaign against content management systems, including WordPress and Joomla, by exploiting known flaws and dropping webshells. CISA also added Joomla extension bugs in iCagenda…
Leggi l'articolo →AsyncAPI npm supply-chain compromise spreads malware through trusted packages
Attackers compromised the AsyncAPI npm organization and injected malicious code into multiple widely used packages, including generator and specs packages with more than two million weekly downloads. The malware was delivered through a compromised…
Leggi l'articolo →AI-assisted intrusions in government networks show how frontier models are changing cyber espionage
Researchers found an active Chinese intrusion campaign that used Claude Code and DeepSeek to automate parts of espionage operations against government systems and financial firms. The operators were linked to TencShell infrastructure and reportedly…
Leggi l'articolo →ClickFix becomes a scalable social-engineering platform for malware delivery
ClickFix moved from a novelty to a widely used attack pattern that tricks users into running commands themselves, bypassing many endpoint defenses. Researchers said the technique now functions as an industrialized ecosystem, often using…
Leggi l'articolo →Scattered Spider members are sentenced for the Transport for London attack
Two teenage members of the Scattered Spider cybercrime group were sentenced in the UK to five years and six months in prison each for the 2024 cyberattack on Transport for London. The case drew…
Leggi l'articolo →Ransomware and extortion operations continue to target organizations worldwide
Ransomware leak sites and reporting showed continued activity from groups such as Qilin, DragonForce, Akira, Play, Incransom, and others against companies, schools, hospitals, and public-sector organizations across many countries. The articles themselves were sparse,…
Leggi l'articolo →Credential theft, phishing, and fake downloads remain the main path to compromise
Attackers continued to rely on phishing, fake installers, and stolen credentials as their most reliable access methods. Reports covered trojanized Webex, Zoom, and MobaXterm installers, GitHub repositories impersonating hundreds of brands, fake Claude download…
Leggi l'articolo →AI-generated malware and botnets are moving from concept to production
Researchers reported multiple malware and botnet projects that show signs of LLM assistance, including TuxBot v3 Evolution and AI-generated PowerShell reconnaissance code. TuxBot was described as a modular IoT botnet built with AI-generated code…
Leggi l'articolo →RedHook, LabubaRAT, and other mobile malware families widen Android abuse
Several mobile malware reports this week showed attackers expanding their Android tradecraft. RedHook was observed using Wireless ADB to gain shell access without a computer connection, while other campaigns focused on fake apps and…
Leggi l'articolo →- Security teams are racing to manage AI, MCP, and coding-agent risk in software development
- Lidl and EY both disclosed third-party support and service-provider data breaches
- Microsoft and security vendors rush to address AI-era attack surfaces
- Google and Microsoft move decisively toward passkeys and stronger sign-in defaults
- Passwordless identity and MFA changes are reshaping enterprise access management
- CrowdStrike, Microsoft, and others are using AI to reframe vulnerability discovery and remediation
- CISA pushes vendors toward more disciplined coordinated vulnerability disclosure
- Firmware and driver flaws continue to expose kernel and physical-memory abuse paths











