Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
Nov 19, 2025Ravie LakshmananVulnerability / Threat Intelligence A recently disclosed security flaw impacting 7-Zip has come under active exploitation in...
2025Ravie
WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
Nov 19, 2025Ravie LakshmananVulnerability / Threat Intelligence A newly discovered campaign has compromised tens of thousands of outdated or end-of-life...
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
Nov 19, 2025Ravie LakshmananCyber Espionage / MalwareThe threat actor known as PlushDaemon has been observed using a previously undocumented Go-based...
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Nov 19, 2025Ravie LakshmananAI Security / SaaS Security Malicious actors can exploit default configurations in ServiceNow's Now Assist generative artificial...
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild
Nov 19, 2025Ravie LakshmananVulnerability / Network Security Fortinet has warned of a new security flaw in FortiWeb that it said...
Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year
Nov 18, 2025Ravie LakshmananBug Bounty / Data Privacy Meta on Tuesday said it has made available a tool called WhatsApp...
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Nov 18, 2025Ravie LakshmananBrowser Security / Vulnerability Google on Monday released security updates for its Chrome browser to address two...
New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT
Nov 17, 2025Ravie Lakshmanan Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera...
⚡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More
Nov 17, 2025Ravie LakshmananCybersecurity / Hacking News This week showed just how fast things can go wrong when no one's...
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Nov 17, 2025Ravie LakshmananVulnerability / Mobile Security Google has disclosed that the company's continued adoption of the Rust programming language...
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
Nov 15, 2025Ravie LakshmananMalware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against...
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
Nov 14, 2025Ravie LakshmananMalware / Threat Intelligence The North Korean threat actors behind the Contagious Interview campaign have once again...
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
Nov 14, 2025Ravie LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet...
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
Nov 13, 2025Ravie LakshmananBrowser Security / Threat Intelligence Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a...
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
Nov 13, 2025Ravie LakshmananBotnet / Cybercrime Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted...
