Uncategorized

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

March 1, 2026 add comment
About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following... Read more »

Microsoft warns of RAT delivered through trojanized gaming utilities

February 28, 2026 add comment
Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through... Read more »

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

February 18, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

February 14, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

February 13, 2026 add comment
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code execution. Threat actors rapidly began exploiting a newly patched BeyondTrust vulnerability, tracked as CVE-2026-1731... Read more »

Odido confirms massive breach; 6.2 Million customers impacted

February 12, 2026 add comment
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and... Read more »

LummaStealer activity spikes post-law enforcement disruption

February 12, 2026 add comment
Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the MaaS infostealer recovered after 2025... Read more »

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

February 12, 2026 add comment
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in... Read more »

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

February 10, 2026 add comment
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows,... Read more »

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

February 5, 2026 add comment
Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email‑based newsletters... Read more »
Subscribe to our Newsletter