China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S.... Read more »

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

Fortinet warns attackers can keep read-only access to FortiGate devices even after the original vulnerability is patched. Fortinet warns that threat actors can retain read-only access to FortiGate devices... Read more »

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure. Threat actors are exploiting a recently discovered vulnerability, tracked as CVE-2025-3102 (CVSS score of 8.1) in the... Read more »

Laboratory Services Cooperative data breach impacts 1.6 Million People

Laboratory Services Cooperative discloses a data breach from October 2024 that exposed personal and medical info of 1.6 million individuals. Laboratory Services Cooperative disclosed a data breach that impacted... Read more »

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

Experts warn of brute-force login attempts on PAN-OS GlobalProtect gateways following increased scanning activity on its devices. Palo Alto Networks reports brute-force login attempts on PAN-OS GlobalProtect gateways. The... Read more »

Gamaredon targeted the military mission of a Western country based in Ukraine

Gamaredon targeted a foreign military mission in Ukraine with updated GammaSteel malware on Feb 26, 2025, per Symantec. Symantec Threat Hunter researchers reported that the Russia-linked APT group Gamaredon... Read more »

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Linux Kernel flaws, respectively tracked as... Read more »

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

AkiraBot, a CAPTCHA-evading Python framework, has spammed over 80,000 websites with AI-generated messages, targeting small and medium-sized businesses. SentinelOne’s SentinelLabs researchers warn that AkiraBot, a spam framework, targets websites’... Read more »

An APT group exploited ESET flaw to execute malware

At least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures. Kaspersky researchers reported that an APT group, tracked as ToddyCat, has... Read more »

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Oracle confirmed a hacker stole credentials from two obsolete servers but said no Oracle Cloud systems or customer data were affected. Oracle confirmed a hacker stole and leaked credentials... Read more »
Subscribe to our Newsletter