Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Dec 04, 2025Ravie LakshmananDDoS Attacks / Network Security Cloudflare on Wednesday said it detected and mitigated the largest ever distributed...
detected
AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage...
Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice
Overview Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command...
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Nov 21, 2025Ravie LakshmananData Breach / SaaS Security Salesforce has warned of detected "unusual activity" related to Gainsight-published applications connected...
Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet
Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service (DDoS) attack targeting a single endpoint in...
JumpServer Connection Token Improper Authentication Vulnerability (CVE-2025-62712) Notice
Overview Recently, NSFOCUS CERT detected that JumpServer issued a security bulletin to fix the JumpServer connection token improper authentication...
Apache Tomcat Path Traversal Vulnerability (CVE-2025-55752) Notice
Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the Apache Tomcat path traversal vulnerability...
Stopping Coordinated Attacks from Mumbai | Application Detection & Response | Contrast Security
Over one weekend, Contrast detected 87 coordinated attacks originating from infrastructure in Mumbai, India that targeted the usually dangerous...
Samba WINS Command Injection Vulnerability (CVE-2025-10230) Notice
Overview Recently, NSFOCUS CERT detected that Samba released a security update to fix the Samba WINS command injection vulnerability (CVE-2025-10230);...
Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools
Microsoft’s threat researchers recently detected and blocked a phishing campaign that appeared to use a large language model (LLM) to...
Ivanti Endpoint Manager Mobile Authentication Bypass and Remote Code Execution Vulnerability (CVE-2025-4427/CVE-2025-4428)
Recently, NSFOCUS CERT detected that Ivanti issued a security advisory to fix the authentication bypass and remote code execution vulnerabilities...
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool
In a new campaign detected in March 2025, senior members of the World Uyghur Congress (WUC) living in exile have...
FOG Ransomware Propagated by Hackers Alleging Connections to DOGE
Confirmation has been made that the ransomware payload incorporated in the identified samples is indeed FOG ransomware and is identified...
Microsoft: Windows CLFS Weakness Could Result in ‘Extensive Deployment and Activation of Ransomware’
Image: nicescene/Adobe Stock A zero-day weakness in the Windows Common Log File System (CLFS) has been discovered by Microsoft. The...
Mirai Botnet Executes Unprecedented 5.6 Terabits per Second DDoS Assault using Over 13,000 IoT Gadgets
On Tuesday, the web security firm Cloudflare disclosed that it uncovered and thwarted a massive distributed denial-of-service (DDoS) offensive reaching...
