Parked Domains Emerge as a Primary Channel for Malware and Phishing
The landscape of domain parking has transformed dramatically over the past decade, shifting from a relatively benign monetization strategy to a sophisticated vector for cybercrime.…
Latest Cybersecurity News — Page 1056
View all →
Why vulnerability reports stall inside shared hosting companies
Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into…
Chrome Security Update – Patch for Critical Vulnerabilities that Enables Remote Code Execution
Google has released Chrome version 143.0.7499.146/.147 to address critical security vulnerabilities that could enable remote code execution on affected systems. The update is now rolling…
Zabbix: Open-source IT and OT observability solution
Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, virtual…
CSF 2.0 Guidance For AI Security
Artificial intelligence is increasingly embedded in enterprise environments, creating new cybersecurity risks alongside operational benefits. To address this shift, the National Institute of Standards and…
BlindEagle Hackers Attacking Organization to Abuse Trust and Bypass Email Security Controls
In a sophisticated cyberespionage campaign, the BlindEagle threat actor has once again targeted Colombian government institutions. This latest operation specifically zeroed in on an agency…
AI breaks the old security playbook
AI has moved into enterprise operations faster than many security programs expected. It is embedded in workflows, physical systems, and core infrastructure. Some AI tools…
Telcos argue ACMA’s $2.3bn spectrum fee-hike will crush investment
Australia’s mobile network operators have expressed disappointment universally at the prospect of paying up to $2.3 billion more than expected for spectrum they need to…
GhostPairing Attack Exposes WhatsApp Accounts to Full Takeover via Phone Numbers
A novel WhatsApp account-takeover campaign dubbed “GhostPairing Attack” has emerged, enabling threat actors to gain complete access to victim accounts without stealing passwords or conducting…
Microsoft Outlines Mitigation for React2Shell RCE Vulnerability in React Server Components
Microsoft has released comprehensive guidance on CVE-2025-55182, a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and the Next.js framework. Assigned a…
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations Pierluigi Paganini December 16, 2025 A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s…
Critical FortiGate SSO Vulnerability Actively Exploited in Real-World Attacks
Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719…