Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API…
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining…
BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks Pierluigi Paganini November 22, 2025 APT24 used supply chain…
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The…
Salesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised Gainsight-published applications. The breach, detected…
Leading cybersecurity firm CrowdStrike recently confirmed it fired an employee for sharing confidential internal details with a major hacking group….
Nov 22, 2025Ravie LakshmananCyber Espionage / Cloud Security The China-linked advanced persistent threat (APT) group known as APT31 has been…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV)…
Eight years after a researcher warned WhatsApp that it was possible to extract user phone numbers en masse from the…
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 22, 2025 U.S. Cybersecurity…
A sophisticated supply chain attack has reportedly compromised data across hundreds of organizations, linking the breach to a critical integration…
Nov 22, 2025Ravie LakshmananZero-Day / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical…