Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity
A newly disclosed vulnerability in Google Chrome and Chromium-based browsers is putting users at risk of data leaks. Tracked as CVE-2025-4664, the flaw allows attackers…
Latest Cybersecurity News — Page 1904
View all →
DanaBot botnet disrupted, QakBot leader indicted
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot…
HMRC’s hunt for hyperscaler to lead £500m datacentre exit project deemed ‘anti-competitive’
HM Revenue & Customs’ (HMRC’s) £500m tender for a hyperscaler to manage a 10-year datacentre exit and cloud migration project for the government tax collection…
Russian Qakbot Gang Leader Indicted in US
A Russian national has been indicted in the US for leading the cybercrime group behind the infamous Qakbot malware and botnet. The individual, Rustam Rafailevich…
Intigriti Bug Bytes #224 – May 2025
Hello Hackers Spring is in the air, and so is the sweet scent of freshly reported bugs. Intigriti’s blooming too—each month, we squad up with…
TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks
The Russia-aligned threat actor TAG-110, also linked to UAC-0063 and APT28 (BlueDelta) with medium confidence by CERT-UA, has shifted tactics to target government, educational, and…
Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine…
Companies Warned of Commvault Vulnerability Exploitation
The ongoing exploitation of a Commvault vulnerability that was targeted as a zero-day is likely part of a broader campaign against software-as-a-service (SaaS) solutions, the…
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. As Trend Micro recently discovered,…
Critical NETGEAR Router Flaw Allows Full Admin Access by Attackers
A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers, enabling unauthenticated attackers to gain full administrative control over affected devices.…
Cloudflare Fixes CVE-2025-4366 In Pingora OSS Framework
Cloudflare has alerted users of a security vulnerability—tracked as CVE-2025-4366—in the widely used Pingora OSS framework. This vulnerability, a request smuggling flaw, was discovered by…
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A China-linked threat actor exploited a Trimble Cityworks zero-day vulnerability in attacks against local government entities in the US, Cisco Talos reports. Tracked as CVE-2025-0994…