Internet Security

Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites

January 30, 2025 add comment
An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP.  An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several... Read more »

PHP package Voyager flaws expose to one-click RCE exploits

January 30, 2025 add comment
The open-source PHP package Voyager is affected by three vulnerabilities that could be exploited to achieve one-click remote code execution on affected instances. Voyager is a popular open-source PHP package for... Read more »

Italy’s Data Protection Authority Garante requested information from Deepseek

January 30, 2025 add comment
Italy’s data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italy’s Data Protection Authority Garante has asked the AI firm DeepSeek to... Read more »

U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog

January 29, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free... Read more »

Aquabot variant v3 targets Mitel SIP phones

January 29, 2025 add comment
A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based... Read more »

Critical remote code execution bug found in Cacti framework

January 29, 2025 add comment
A critical flaw in Cacti open-source network monitoring and fault management framework that could allow remote code execution. Cacti is an open-source platform that provides a robust and extensible operational... Read more »

Attackers actively exploit a critical zero-day in Zyxel CPE Series devices

January 29, 2025 add comment
Experts warn that threat actors are actively exploiting critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as... Read more »

Attackers exploit SimpleHelp RMM Software flaws for initial access

January 29, 2025 add comment
Threat actors exploit recently fixed SimpleHelp RMM software vulnerabilities to breach targeted networks, experts warn. Horizon3 researchers discovered three vulnerabilities, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, that could be... Read more »

VMware fixed a flaw in Avi Load Balancer

January 29, 2025 add comment
VMware fixed a high-risk blind SQL injection vulnerability in Avi Load Balancer, allowing attackers to exploit databases via crafted queries. VMware warns of a high-risk blind SQL injection vulnerability,... Read more »

Ransomware attack on ENGlobal compromised personal information

January 28, 2025 add comment
ENGlobal reported to the SEC that personal information was compromised in a ransomware attack that took place in November 2024. ENGlobal disclosed a ransomware attack that occurred in November, in... Read more »
Subscribe to our Newsletter