Network Security

Hackers Breach SonicWall Cloud Firewall Backups, Prompting Urgent Security Reviews

SonicWall revealed on Wednesday that an unauthorized party gained access to firewall configuration backup files of customers using its cloud backup service. The compromised files contain encrypted credentials and configuration data. While the encryption remains active, possession of these files may increase the risk of targeted attacks. The company is actively notifying all affected partners […]

Hackers Abuse Legitimate Database Commands to Actively Compromise Databases

A new wave of sophisticated ransomware attacks is targeting organizations worldwide by abusing legitimate database commands, bypassing traditional security tools through “malware-free” operations. Unlike typical ransomware that relies on malicious binaries to encrypt files, attackers are exploiting exposed database services, using standard database functionality to steal, erase, and demand ransom for critical information. This technique

Linux Kernel ksmbd Filesystem Flaw Exploited, Proof of Concept Released

Security researchers have published a full proof-of-concept exploit for a serious vulnerability in the Linux kernel ksmbd module, showing a reliable route to local privilege escalation. The issue, tracked as CVE-2025-37947, is an out-of-bounds write that an authenticated local user can abuse to gain full root control on affected systems. What the bug is, and

Microsoft 365 Outage Blocks Access to Admin Center, Core Services, and Entra ID

A significant service outage has disrupted Microsoft 365, preventing users from accessing key services, including the Admin Center and applications that depend on Microsoft Entra ID for authentication. The issue began on Thursday, October 9, 2025, and is impacting organizations worldwide. Widespread Service Disruption The outage has affected users attempting to log in to the Microsoft 365

Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers

A new cybersecurity investigation has revealed a large-scale cyber fraud operation linked to a Chinese-speaking group named UAT-8099. This group is reportedly involved in SEO manipulation, data theft, and unauthorized access to systems via compromised Microsoft IIS servers. The attackers primarily target regions like India, Thailand, Vietnam, Canada, and Brazil, with victims including universities, tech

Hackers Exploit Milesight Routers to Send Phishing SMS to Users in Europe

Unknown threat actors have abused Milesight industrial cellular routers to send phishing SMS messages, or smishing, targeting users across several European countries since at least February 2022. French cybersecurity firm SEKOIA reports that attackers leveraged exposed router APIs to distribute malicious links, with a focus on Sweden, Italy, and Belgium. The campaigns impersonated government services,

DataCenter Fire Knocks 600+ South Korean Government Websites Offline

A lithium-ion battery explosion at a major government data center in South Korea has disrupted more than 600 critical services, underscoring the risks of centralizing vital digital infrastructure. The fire broke out Friday night at the National Information Resources Service (NIRS) facility in Daejeon. According to officials, a disconnected battery exploded during relocation work around

Threat Actors Exploit Dynamic DNS Providers for Malicious Activities

Cybersecurity experts are sounding the alarm over a rising threat vector, as malicious actors increasingly exploit Dynamic DNS (DDNS) providers to create resilient command and control (C2) infrastructure. These subdomain rental services, originally intended for legitimate hosting purposes, have become a preferred tool for cybercriminals seeking to bypass traditional security defenses and regulatory oversight. The

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

Cloudflare has once again proven the strength of its global defense infrastructure by automatically stopping a record-breaking 11.5 terabits per second (Tbps) distributed denial-of-service (DDoS) attack. This massive cyber offensive is now the largest volumetric DDoS attack ever mitigated, highlighting both the scale of modern threats and the growing sophistication of attackers. The Attack in

Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

Cybersecurity researchers have identified a Ukraine-based IP network, FDN3 (AS211736), as the source of massive brute-force and password spraying attacks against SSL VPN and RDP systems. These activities took place between June and July 2025 and have raised concerns about the growing abuse of bulletproof hosting infrastructure to launch large-scale cyberattacks. The Origin of Attacks
