The Apache Software Foundation has disclosed two new security vulnerabilities affecting multiple versions of Apache Tomcat, warning system administrators to take immediate action. The flaws, identified as CVE-2025-55752 and CVE-2025-55754, were…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two DELMIA Apriso vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Today’s addition of CVE-2025-6204…
A new study that looked at 231 people exposed by a 2022 UK data leak of Afghans seeking resettlement after the Taliban takeover found that…
Caller ID spoofing causes nearly $1 billion (EUR 850 million) in financial losses from fraud and scams each year, according to a new Europol position…
A critical vulnerability, tracked as CVE-2025-55315, has been identified in QNAP’s NetBak PC Agent, stemming from a flaw within Microsoft’s ASP.NET Core framework. The issue allows attackers to exploit HTTP Request Smuggling…
Bengaluru’s Central Crime Branch (CCB) has dismantled a major international cybercrime racket, revealing a hacking operation that siphoned off ₹47 crore (approximately $5.6 million) from…
The City Council of North Canton, Ohio, is preparing to adopt a new cybersecurity policy designed to strengthen digital defenses and comply with statewide regulations.…
A newly disclosed security flaw has put more than 706,000 BIND 9 DNS resolvers worldwide at risk of cache poisoning attacks, according to an advisory published by…
More than 3,000 malicious YouTube videos were used to distribute infostealer malware, according to a new report detailing the operation. Dubbed the “YouTube Ghost Network”…
The name said it all: DroneEXEHijackingLoader.dll. That internal file name, buried in malicious code delivered to three European defense contractors, revealed what security researchers now…
Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw,…
Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics…
