Cybercriminals have ramped up attacks on WordPress websites by stealthily modifying theme files to serve unauthorized third-party scripts. This campaign…
Japanese brewing giant Asahi Group Holdings has confirmed that a ransomware attack has caused the week-long outage at its domestic…
Zimbra users targeted in zero-day exploit using iCalendar attachments Pierluigi Paganini October 06, 2025 Threat actors exploited a Zimbra zero-day…
A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo…
Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools…
October 3, 2025 – After posting children’s photos online and issuing ransom demands, cybercriminals targeting Kido nurseries say they’ve erased…
Reading the ENISA Threat Landscape 2025 report Pierluigi Paganini October 06, 2025 ENISA Threat Landscape 2025: Rising ransomware, AI phishing,…
A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and…
A critical security vulnerability has been discovered in Redis Server that could allow authenticated attackers to achieve remote code execution…
Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and…
Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day…
A critical zero-day vulnerability in Oracle E-Business Suite has emerged as a significant threat to enterprise environments, with proof-of-concept (PoC)…