SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch released in June 2025 Security Patch. SAP June 2025 Security Patch addressed a critical... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution... Read more »

China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that... Read more »

US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes, per a new DOJ forfeiture complaint. The DOJ filed a civil forfeiture complaint for... Read more »

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. satellite tech research. OpenAI banned ChatGPT accounts that were... Read more »

A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of... Read more »

BadBox 2.0 malware has infected millions of IoT devices globally, creating a botnet used for cyber criminal activities, the FBI warns. The FBI published a Public Service Announcement (PSA)... Read more »

A supply chain attack hit NPM, threat actors compromised 16 popular Gluestack packages, affecting 950K+ weekly downloads. Researchers from Aikido Security discovered a new supply chain attack targeted NPM,... Read more »