The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered critical flaw in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. The agency confirmed that the vulnerability is currently being exploited in real world attacks. The flaw is tracked as CVE 2025 61757 with a CVSS score of 9.8. […]
A large scale cyber campaign has been uncovered in which tens of thousands of outdated or end of life ASUS routers have been compromised across several regions, mainly Taiwan, the United States, and Russia. SecurityScorecard’s STRIKE team has named this global activity Operation WrtHug. The attackers are using old and vulnerable devices to create a
A critical security flaw affecting 7-Zip, tracked as CVE-2025-11001, is currently being actively exploited in the wild. The issue allows remote code execution via symbolic links in ZIP archives and impacts versions prior to 25.00, which was released in July 2025. Details of the Vulnerability The vulnerability arises from improper handling of symbolic links in
Security researchers have raised alarms over a critical authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF). Exploiting this flaw allows attackers to take control of admin accounts, potentially compromising the entire device. Vulnerability Overview According to watchTowr, active exploitation of a vulnerability patched silently in FortiWeb version 8.0.2 has been observed in the
Cybersecurity researchers have identified critical remote code execution (RCE) vulnerabilities impacting major AI inference frameworks, including those maintained by Meta, Nvidia, Microsoft, and open-source projects like vLLM and SGLang. These flaws, collectively termed the ShadowMQ pattern, stem from unsafe deserialization of Python objects over ZeroMQ (ZMQ) sockets. Root Cause: Unsafe Deserialization According to Avi Lumelsky
Amazon’s threat intelligence division has discovered an ongoing campaign that exploits two critical zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC systems. These flaws are being weaponized by a highly advanced threat actor to deploy custom-built malware aimed at infiltrating enterprise environments. Critical Vulnerabilities Under Attack The attack campaign takes advantage
A critical vulnerability in the Triofox file-sharing platform is being actively exploited by threat actors to gain full system control. The attackers are using a clever technique: they are weaponizing the platform’s own built-in antivirus feature to download and execute remote access tools, effectively turning a security function into an attack vector. The Authentication Bypass
Hackers Exploit Triofox Flaw to Install Remote Access Tools via Antivirus Feature Read More »
Microsoft has revealed a novel side-channel attack, dubbed “Whisper Leak,” that can compromise the privacy of conversations with AI chatbots. The technique allows an eavesdropper to infer the topic of a user’s prompt by analyzing encrypted network traffic, even when protected by HTTPS, posing a significant risk to user and enterprise confidentiality. How the Whisper
A critical security vulnerability in Samsung Galaxy Android devices was exploited as a zero-day to deploy a sophisticated commercial-grade spyware known as LANDFALL. The targeted attacks, focused in the Middle East, used a specially crafted image file sent through WhatsApp to compromise devices without any user interaction. The Exploited Vulnerability and Its Patch The flaw,
Zero-Click Samsung Flaw Used to Deliver LANDFALL Android Spyware Through WhatsApp Read More »
Chinese state aligned hacking groups continue to rely on long standing software vulnerabilities to conduct stealthy cyber operations across the globe. A recent incident involving a U.S. based non profit organization shows how older flaws such as Log4j, Atlassian, Struts, and IIS weaknesses are still being reused to gain long term access for intelligence gathering.
China’s Hackers Repurpose Legacy Flaws, from Log4j to IIS, into Global Espionage Tools Read More »