CVE-2025-11371, a unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited…
Oct 10, 2025Ravie LakshmananVulnerability / Zero-Day Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security…
Trend Micro’s Zero Day Initiative (ZDI) this week published 13 advisories describing unpatched vulnerabilities in Ivanti Endpoint Manager. One of…
Emerging from a recent wave of targeted campaigns, SnakeKeylogger has surfaced as a potent infostealer that capitalizes on PowerShell and…
“The plans are being used and being built,” says Michael “Barni” Barnhart, a leading authority in North Korean hacking and…
Gladinet CentreStack and Triofox have come under active attack as threat actors exploit an unauthenticated local file inclusion flaw (CVE-2025-11371)….
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The threat actor,…
Apple on Friday announced significant updates to its bug bounty program and the company is now offering up to $2…
U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 10, 2025 U.S. Cybersecurity and Infrastructure Security…
A sophisticated Android spyware campaign dubbed ClayRat has emerged as one of the most concerning mobile threats of 2025, masquerading…
Since launching its bug bounty program nearly a decade ago, Apple has always touted notable maximum payouts—$200,000 in 2016 and…
The RondoDox campaign’s “exploit shotgun” method leverages over 50 vulnerabilities across more than 30 vendors to infiltrate network devices, highlighting…