Internet Security

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

November 16, 2025 add comment
China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI to automate and... Read more »

Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution

November 15, 2025 add comment
Researchers found a critical vulnerability in GoSign Desktop: TLS Certificate Validation Disabled and Unsigned Update Mechanism. GoSign is an advanced and qualified electronic signature solution developed by Tinexta InfoCert... Read more »

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

November 14, 2025 add comment
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE-2025-59367 (CVSS... Read more »

Millions of sites at risk from Imunify360 critical flaw exploit

November 14, 2025 add comment
A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious files to shared servers... Read more »

Critical FortiWeb flaw under attack, allowing complete compromise

November 14, 2025 add comment
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb... Read more »

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

November 14, 2025 add comment
Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs,... Read more »

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

November 14, 2025 add comment
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors... Read more »

Chrome extension “Safery” steals Ethereum wallet seed phrases

November 13, 2025 add comment
Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a malicious Chrome extension... Read more »

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

November 13, 2025 add comment
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried... Read more »

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

November 13, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »
Subscribe to our Newsletter