Critical Zimbra SSRF Flaw Exposes Sensitive Data
Zimbra has released an emergency security patch to address a critical Server-Side Request Forgery (SSRF) vulnerability that could allow attackers to access sensitive data through…
Month: October 2025
Europol takes down SIM-Box ring linked to 3,200 scams
SIMCARTEL operation: Europol takes down SIM-Box ring linked to 3,200 scams Pierluigi Paganini October 18, 2025 Europol’s SIMCARTEL operation shut down a SIM-box network behind…
Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity
Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security patch KB5066835, released on October…
PoC Exploit Released for 7-Zip Vulnerabilities that Let Attackers Execute Arbitrary Code Remotely
A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip, potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files.…
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan…
Authorities Dismantle Cybercrime-as-a-Service Platform, Seize 40,000 Active SIM Cards
An international law enforcement operation has dismantled a large-scale cybercrime-as-a-service network responsible for fueling thousands of online fraud cases across Europe. The operation, known as…
Critical Zimbra SSRF Vulnerability Let Attackers Access Sensitive Data
A newly disclosed Server-Side Request Forgery (SSRF) flaw in Zimbra Collaboration Suite has raised major security concerns, prompting administrators to patch systems immediately. The issue,…
American Airlines subsidiary Envoy confirms Oracle data theft attack
Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion…
Europol dismantles cybercrime network linked to $5.8M in financial losses
European law enforcement dismantled and seized an expansive cybercrime operation used to facilitate phishing attacks via mobile networks for fraud, including account intrusions, credential and…
ConnectWise fixes Automate bug allowing AiTM update attacks
ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and…
Why Airline Data Breaches Are Up
Airlines are a popular target for hackers in part because of the amount of personal data they collect – and no personal data is more…
Europol dismantles SIM box operation renting numbers for cybercrime
European law enforcement in an operation codenamed ‘SIMCARTEL’ has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5…