Internet Security

Operation Zero Disco: Threat actors targets Cisco SNMP flaw to drop Linux rootkits

October 16, 2025 add comment
Hackers exploit Cisco SNMP flaw CVE-2025-20352 in “Zero Disco” attacks to deploy Linux rootkits on outdated systems, researchers report. Trend Micro researchers disclosed details of a new campaign, tracked... Read more »

U.S. CISA adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog

October 16, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adobe Experience... Read more »

China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack

October 16, 2025 add comment
China-linked APT Jewelbug targeted a Russian IT provider for five months in 2025, showing Russia remains exposed to Chinese cyber espionage. China-linked threat actor Jewelbug (aka CL-STA-0049, Earth Alux,... Read more »

U.S. CISA adds SKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog

October 16, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds OracSKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

Spanish fashion retailer MANGO disclosed a data breach

October 16, 2025 add comment
Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984, it... Read more »

Qilin Ransomware announced new victims

October 15, 2025 add comment
Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the... Read more »

A sophisticated nation-state actor breached F5 systems, stealing BIG-IP source code and data on undisclosed flaw

October 15, 2025 add comment
F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highly sophisticated nation-state... Read more »

200,000 Linux systems from Framework are shipped with signed UEFI components vulnerable to Secure Boot bypass

October 15, 2025 add comment
About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium warns that about 200,000... Read more »

SAP fixed maximum-severity bug in NetWeaver

October 15, 2025 add comment
SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximum severity issue, tracked... Read more »

Flax Typhoon APT exploited ArcGIS server for over a year as a backdoor

October 15, 2025 add comment
China-linked cyberespionage group Flax Typhoon hijacked an ArcGIS system for over a year and used it as a backdoor. China-linked APT group Flax Typhoon (aka Ethereal Panda or RedJuliett)... Read more »
Subscribe to our Newsletter