43K Malicious Npm Packages Exposed
Security researchers have uncovered a large-scale spam campaign within the npm ecosystem, now known as the IndonesianFoods worm. The attack involves over 43,000 spam packages…
Latest Cybersecurity News — Page 1000
View all →
CISA Warns WatchGuard Firebox Out-of-Bounds Write Vulnerability Exploited Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has released a warning about a serious vulnerability affecting WatchGuard Firebox security appliances. This flaw, tracked as CVE-2025-9242,…
New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware
Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms. The…
Nokod Security launches Adaptive Agent Security to protect AI agents across the entire ADLC
Nokod Security announced the launch of Adaptive Agent Security, a solution that delivers real-time visibility, governance, and protection from threats across the Agent Development Lifecycle…
Amazon Uncovers CVE-2025-20337 & CVE-2025-5777 Exploits
Amazon’s threat intelligence division has revealed a cyber-espionage campaign involving an advanced persistent threat (APT) group exploiting previously undisclosed zero-day vulnerabilities in systems from Cisco…
Targeted Phishing Attacks Hit Swiss Users
Phishing attacks are becoming increasingly targeted as scammers refine their tactics to exploit social and economic issues. Instead of mass emailing identical messages, cybercriminals now…
Microsoft SQL Server Vulnerability Let Attackers Escalate Privileges
Microsoft has released security updates to fix a serious vulnerability in SQL Server that allows attackers to gain higher system privileges. The flaw, tracked as…
Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate…
Sprout: Open-source bootloader built for speed and security
Sprout is an open-source bootloader that delivers sub-second boot times and uses a clean, data-driven configuration format that works across operating systems. “We built Sprout…
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
Nov 13, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware…
CISA Warns of Federal Agencies Not Fully Patching Actively Exploited Cisco ASA or Firepower Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding federal agencies. Failing to properly patch Cisco Adaptive Security Appliances (ASA) and…
Critical Dell Data Lakehouse Flaw Allows Remote Attackers to Escalate Privileges
Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and…