SolarWinds Web Help Desk Vulnerability Enables Privilege Escalation
A critical vulnerability in SolarWinds Web Help Desk (WHD) could allow attackers to escalate privileges and execute arbitrary code on affected systems. SolarWinds has released…
Month: September 2025
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
A group of Iranian hackers known as Nimbus Manticore is expanding its operations, now focusing on major companies across Europe. According to new research from…
SolarWinds warns over dangerous RCE flaw
SolarWinds is urging users of its Web Help Desk helpdesk ticketing and asset management software to ensure their instances are up-to-date after patching a newly-uncovered…
Many ‘material’ cybersecurity breaches go unreported: VikingCloud
Dive Brief: Nearly half (48%) of cybersecurity leaders didn’t report a “material” cybersecurity incident to their executive leadership or board of directors in the past…
Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack
Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps).…
U.S. Secret Service Dismantles 300 SIM Servers and 100,000 SIM Cards
The U.S. Secret Service has dismantled a massive, sophisticated network of electronic devices in the New York tristate area, thwarting what it described as an…
New npm Malware Steals Browser Passwords via Steganographic QR Code
A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and…
After Shai-Hulud, GitHub tightens npm publishing security
Attackers are constantly finding ways to take over accounts and push malicious packages to the npm registry, the (GitHub-operated) online repository for JavaScript and Node.js…
Jaguar Land Rover extends cyber attack-induced shutdown to October
The assembly lines at Jaguar Land Rover will continue to lay silent, after the company announced a halt in production until 1 October 2025, in…
US Secret Service dismantled covert communications network near the U.N. in New York
US Secret Service dismantled covert communications network near the U.N. in New York Pierluigi Paganini September 23, 2025 Secret Service seizes a covert communications network…
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer…
Tata-Owned Jaguar Land Rover Delays Factory Reopening Following Major Cyber Attack
Jaguar Land Rover (JLR), the United Kingdom’s largest automotive manufacturer, has announced an additional delay in resuming production at its factories following a significant cyber-attack…