Network Security

PhantomCore Leverages TrueConf Vulnerabilities to Compromise Russian Networks

A pro-Ukrainian hacktivist group known as PhantomCore has been linked to a series of cyberattacks targeting servers running TrueConf video conferencing software across Russia since September 2025. Security researchers report that the campaign involves a carefully built exploitation chain that allows remote command execution and deep network infiltration. Exploitation of TrueConf Security Flaws According […]

Russian APT28 Exploits SOHO Routers in Global DNS Hijacking and Cyber Espionage Campaign

A sophisticated cyber espionage campaign linked to Russia’s notorious threat group APT28, also tracked as Forest Blizzard, has been uncovered targeting vulnerable home and small office routers worldwide. The operation focuses on manipulating DNS configurations to intercept sensitive data without user awareness. The campaign, named FrostArmada by Black Lotus Labs, has been active since at least May

Citrix NetScaler Faces Active Reconnaissance for CVE-2026-3055 High-Severity Memory Overread Vulnerability

A newly disclosed high-risk vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway is already drawing attention from threat actors, with security firms reporting active reconnaissance activity targeting exposed systems. Critical Memory Overread Vulnerability Identified The flaw, tracked as CVE-2026-3055, has been assigned a CVSS score of 9.3, highlighting its severity. This issue stems from improper input

CISA Adds CVE-2025-53521 to KEV List Following Active Exploitation of F5 BIG-IP APM

The U.S. cybersecurity authority, the Cybersecurity and Infrastructure Security Agency (CISA), has officially added a high-severity vulnerability affecting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog after confirming real-world attacks. Critical Vulnerability Escalates to Remote Code Execution The flaw, tracked as CVE-2025-53521, carries a CVSS v4 score of 9.3 and allows attackers to

Citrix Urges Immediate Patching of Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

Citrix has released critical security updates to address serious vulnerabilities in its NetScaler ADC and NetScaler Gateway products, warning organizations about the potential risk of sensitive data exposure. The update includes fixes for two security flaws, one of which could allow attackers to access sensitive information without authentication, raising concerns across enterprise environments. Critical Vulnerability

Hackers Exploit CVE-2025-32975 CVSS 10.0 to Take Over Unpatched Quest KACE SMA Systems

Cybersecurity researchers have identified active exploitation of a critical security flaw affecting Quest KACE Systems Management Appliance (SMA), raising serious concerns for organizations relying on the platform. According to recent findings from Arctic Wolf, suspicious activity linked to this vulnerability began emerging during the week of March 9, 2026. The attacks specifically target SMA systems

Nine Critical IP KVM Vulnerabilities Allow Unauthenticated Root Access Across Four Vendors

Cybersecurity researchers have revealed nine severe vulnerabilities in low-cost IP KVM devices, highlighting the risks posed by these networked remote management tools. The flaws were discovered by Eclypsium and affect products from GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. IP KVM devices provide remote access to a system’s keyboard, video output, and

Critical Unpatched Telnetd Vulnerability CVE-2026-32746 Allows Unauthenticated Root RCE

Cybersecurity experts have revealed a serious security weakness affecting the Telnet service implementation in GNU InetUtils. The vulnerability could allow a remote attacker to execute malicious code on vulnerable systems without authentication. The issue has been assigned the identifier CVE-2026-32746 and has received a CVSS severity score of 9.8, indicating a critical level of risk.

Attackers Exploit FortiGate Devices to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers have uncovered a campaign in which threat actors are exploiting vulnerabilities in FortiGate Next‑Generation Firewall devices to gain unauthorized access to corporate networks and steal sensitive credentials. According to a report from SentinelOne, attackers are targeting firewall appliances by exploiting recently disclosed security flaws or by using weak authentication credentials. Once inside the system,

KadNap Malware Compromises Over 14,000 Edge Devices to Build Stealth Proxy Botnet

Cybersecurity researchers have uncovered a sophisticated malware campaign involving a threat dubbed KadNap, which primarily targets Asus routers and other edge devices to build a stealthy proxy botnet. The malware has compromised over 14,000 devices globally, with more than 60% of infections in the U.S., according to Black Lotus Labs at Lumen. KadNap uses a custom implementation of the Kademlia Distributed
