Exploitation

New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions

Cybersecurity analysts have identified five significant vulnerabilities in Fluent Bit, a widely used open source telemetry agent. These flaws can be combined to compromise cloud environments and potentially give attackers full control over infrastructure. Oligo Security shared the findings, noting that the weaknesses allow authentication bypass, path traversal, remote code execution, service disruption, and tag […]

Second Sha1 Hulud Wave Impacts More Than 25,000 Repositories Through npm Preinstall Credential Theft

A new supply chain attack has been identified across the npm ecosystem, marking a second wave of activity similar to the earlier Shai Hulud incident. Security companies report that thousands of repositories and hundreds of npm packages were compromised between November 21 and 23, 2025. The latest campaign has been named Sha1 Hulud and involves

CISA Alerts on a Critical Oracle Identity Manager Zero Day Vulnerability That Is Being Actively Exploited

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered critical flaw in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. The agency confirmed that the vulnerability is currently being exploited in real-world attacks. The flaw is tracked as CVE-2025-61757 with a CVSS score of 9.8.

WrtHug Uses Six ASUS WRT Vulnerabilities to Hijack Tens of Thousands of End of Life Routers Worldwide

A large-scale cyber campaign has been uncovered in which tens of thousands of outdated or end-of-life ASUS routers have been compromised across several regions, mainly Taiwan, the United States, and Russia. SecurityScorecard’s STRIKE team has named this global activity Operation WrtHug. The attackers are using old and vulnerable devices to create a

Hackers Are Actively Exploiting a 7 Zip Symbolic Link Based RCE Vulnerability CVE 2025 11001

A critical security flaw affecting 7-Zip, tracked as CVE-2025-11001, is currently being actively exploited in the wild. The issue allows remote code execution via symbolic links in ZIP archives and impacts versions prior to 25.00, which was released in July 2025. Details of the Vulnerability The vulnerability arises from improper handling of symbolic links in

Now Patched Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts

Security researchers have raised alarms over a critical authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF). Exploiting this flaw allows attackers to take control of admin accounts, potentially compromising the entire device. Vulnerability Overview According to watchTowr, active exploitation of a vulnerability patched silently in FortiWeb version 8.0.2 has been observed in the

Researchers Discover Critical AI Bugs Affecting Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have identified critical remote code execution (RCE) vulnerabilities impacting major AI inference frameworks, including those maintained by Meta, Nvidia, Microsoft, and open-source projects like vLLM and SGLang. These flaws, collectively termed the ShadowMQ pattern, stem from unsafe deserialization of Python objects over ZeroMQ (ZMQ) sockets. Root Cause: Unsafe Deserialization According to Avi Lumelsky

Amazon Uncovers Cyberattacks Exploiting Cisco ISE and Citrix NetScaler Zero-Day Vulnerabilities

Amazon’s threat intelligence division has discovered an ongoing campaign that exploits two critical zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC systems. These flaws are being weaponized by a highly advanced threat actor to deploy custom-built malware aimed at infiltrating enterprise environments. Critical Vulnerabilities Under Attack The attack campaign takes advantage

Hackers Exploit Triofox Flaw to Install Remote Access Tools via Antivirus Feature

A critical vulnerability in the Triofox file-sharing platform is being actively exploited by threat actors to gain full system control. The attackers are using a clever technique: they are weaponizing the platform’s own built-in antivirus feature to download and execute remote access tools, effectively turning a security function into an attack vector. The Authentication Bypass

Microsoft Uncovers ‘Whisper Leak’ Attack Revealing AI Chat Topics Through Encrypted Traffic

Microsoft has revealed a novel side-channel attack, dubbed “Whisper Leak,” that can compromise the privacy of conversations with AI chatbots. The technique allows an eavesdropper to infer the topic of a user’s prompt by analyzing encrypted network traffic, even when protected by HTTPS, posing a significant risk to user and enterprise confidentiality. How the Whisper
