Internet Security

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

October 23, 2025 add comment
Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours. E-commerce security company Sansec researchers warn that threat actors... Read more »

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

October 23, 2025 add comment
The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC. In early September, Jaguar Land Rover shut down systems to mitigate... Read more »

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

October 22, 2025 add comment
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing campaign... Read more »

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

October 22, 2025 add comment
TP-Link warns of critical flaws in Omada gateways across ER, G, and FR models. Users should update firmware immediately to stay secure. TP-Link is warning users of critical flaws... Read more »

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

October 22, 2025 add comment
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed... Read more »

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

October 22, 2025 add comment
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly upgrading... Read more »

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

October 21, 2025 add comment
Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retailer giant Muji suspended online sales after a... Read more »

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

October 21, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows,... Read more »

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

October 21, 2025 add comment
China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by... Read more »

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

October 20, 2025 add comment
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached... Read more »
Subscribe to our Newsletter