Cisco Catalyst Center Vulnerability Let Attackers Escalate Priveleges
A serious security flaw in Cisco Catalyst Center Virtual Appliance has been discovered that allows attackers with low-level access to gain full administrator control over…
Latest Cybersecurity News — Page 1248
View all →
PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild
A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path traversal…
RONINGLOADER Weaponized Weaponizes Signed Drivers to Disable Defender and Evade EDR Tools
A new threat targeting Chinese users has appeared with a dangerous ability to shut down security tools. RONINGLOADER, a multi-stage loader spreading a modified version…
Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers
A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions…
First Large-scale Cyberattack Using AI With Minimal Human Input
Chinese government-backed hackers used Anthropic’s Claude Code tool to carry out advanced spying on about thirty targets worldwide, successfully breaking into several major organizations. The…
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
The United States issued a seizure warrant to Starlink this week related to satellite internet infrastructure used in a scam compound in Myanmar. The action…
Five U.S. Citizens Plead Guilty to Helping North Korean IT Workers Infiltrate 136 Companies
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling…
Hackers are Weaponizing Invoices to Deliver XWorm That Steals Login Credentials
Attackers are using fake invoice emails to spread XWorm, a remote-access trojan that quietly steals login credentials, passwords, and sensitive files from infected computers. When…
Highly Sophisticated macOS DigitStealer Employs Multi-Stage Attacks to Evade detection
A new malware family targeting macOS systems has emerged with advanced detection evasion techniques and multi-stage attack chains. Named DigitStealer, this information stealer uses multiple…
A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection
Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and…
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 15, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet…
Formbook Malware Delivered Using Weaponized Zip Files and Multiple Scripts
A new wave of Formbook malware attacks has appeared, using weaponized ZIP archives and multiple script layers to bypass security controls. The attacks begin with…