Internet Security

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

December 8, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a a... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

December 7, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code... Read more »

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

December 7, 2025 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

December 7, 2025 add comment
Hundreds of Porsche cars in Russia became undrivable due to a malfunction in their factory-installed satellite security system, owners say. Hundreds of Porsche cars in Russia became undrivable after... Read more »

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

December 6, 2025 add comment
A hacking campaign is targeting GlobalProtect logins and scannig SonicWall APIs since December 2, 2025. A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts... Read more »

Maximum-severity XXE vulnerability discovered in Apache Tika

December 6, 2025 add comment
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it... Read more »

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

December 5, 2025 add comment
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series... Read more »

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

December 5, 2025 add comment
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details... Read more »

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

December 4, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw,... Read more »

Marquis data breach impacted more than 780,000 individuals

December 4, 2025 add comment
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financial data, including... Read more »
Subscribe to our Newsletter