Internet Security

CrushFTP zero-day actively exploited at least since July 18

July 22, 2025 add comment
Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a zero-day vulnerability, tracked as CVE-2025-54309 (CVSS... Read more »

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

July 22, 2025 add comment
Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices, let attackers to bypass authentication and access the web interface. HPE disclosed hardcoded credentials in Aruba Instant On Wi-Fi devices... Read more »

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

July 21, 2025 add comment
Iran-linked APT MuddyWater is deploying new DCHSpy spyware variants to target Android users amid the ongoing conflict with Israel. Lookout researchers observed Iran-linked APT MuddyWater  (aka SeedWorm, TEMP.Zagros, and Static Kitten) is deploying a... Read more »

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

July 21, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft SharePoint flaw, tracked as CVE-2025-53770... Read more »

Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks

July 21, 2025 add comment
Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked... Read more »

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

July 21, 2025 add comment
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which... Read more »

Singapore warns China-linked group UNC3886 targets its critical infrastructure

July 20, 2025 add comment
Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a... Read more »

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

July 20, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257,... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

July 20, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape KongTuke FileFix Leads to New Interlock RAT Variant   Code highlighting... Read more »

Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

July 20, 2025 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »
Subscribe to our Newsletter