All SonicWall Cloud Backup Users Had Firewall Configurations Stolen
SonicWall on Wednesday announced that all customers who used its cloud backup service to store firewall configuration files were impacted by a recent data breach.…
Month: October 2025
Linux Kernel ksmbd Filesystem Vulnerability Exploited
Security researchers have released a full proof-of-concept (PoC) exploit for a high-severity vulnerability in the Linux kernel’s ksmbd module, demonstrating a reliable path to local…
GitLab Releases Security Update to Patch Multiple DoS-Enabling Vulnerabilities
GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Self-managed installations should…
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Oct 09, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it…
Discord Data Breach Exposes 1.5 TB of Data and 2 Million Government ID Photos
The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data…
Zimbra ZCS Flaw CVE-2025-27915 Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent alert concerning an actively exploited zero-day vulnerability in the Zimbra Collaboration Suite (ZCS).…
Hackers Abuse CSS Properties With Messages to Inject Malicious Codes in Hidden Text Salting Attack
A sophisticated technique known as hidden text salting has emerged as a significant threat to email security systems, allowing cybercriminals to bypass detection mechanisms through…
Data-Leak Sites Surge to Record Levels Amid Scattered Spider RaaS and LockBit 5.0 Rise
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the…
Your First Step To Cyber Safety In 2025
In a world where passwords are stolen, phished, or guessed every second, multifactor authentication (MFA) has quietly become one of the most effective shields against…
Ancient, critical “RediShell” bug menaces thousands of servers
Security research firm Wiz is strongly urging organisations to patch a very serious vulnerability in the Redis database that, if exploited, can grant attackers full…
IRGC-Linked APT35 Structure, Tools, and Espionage Operations Disclosed
Since emerging in the mid-2010s as a persistent threat actor, the IRGC-linked APT35 collective has continually adapted its tactics to target government entities, energy firms,…
Chinese Hackers Weaponize Nezha Tool to Run Commands on Web Servers
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web…