Decades-old ‘Finger’ protocol abused in ClickFix malware attacks
The decades-old “finger” command is making a comeback,, with threat actors using the protocol to retrieve remote commands to execute on Windows devices. In the past, people…
Latest Cybersecurity News — Page 981
View all →
DoorDash hit by data breach after an employee falls for social engineering scam
DoorDash, the popular food delivery company, is once again dealing with a public relations issue following a data breach where an unauthorised person, reportedly, stole…
Jaguar Land Rover cyberattack cost the company over $220 million
Jaguar Land Rover (JLR) published its financial results for July 1 to September 30, warning that the cost of a recent cyberattack totaled £196 million…
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
Nov 15, 2025Ravie LakshmananMalware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that…
Cisco Catalyst Center Vulnerability Let Attackers Escalate Priveleges
A serious security flaw in Cisco Catalyst Center Virtual Appliance has been discovered that allows attackers with low-level access to gain full administrator control over…
PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild
A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path traversal…
RONINGLOADER Weaponized Weaponizes Signed Drivers to Disable Defender and Evade EDR Tools
A new threat targeting Chinese users has appeared with a dangerous ability to shut down security tools. RONINGLOADER, a multi-stage loader spreading a modified version…
Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers
A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions…
First Large-scale Cyberattack Using AI With Minimal Human Input
Chinese government-backed hackers used Anthropic’s Claude Code tool to carry out advanced spying on about thirty targets worldwide, successfully breaking into several major organizations. The…
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
The United States issued a seizure warrant to Starlink this week related to satellite internet infrastructure used in a scam compound in Myanmar. The action…
Five U.S. Citizens Plead Guilty to Helping North Korean IT Workers Infiltrate 136 Companies
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling…
Hackers are Weaponizing Invoices to Deliver XWorm That Steals Login Credentials
Attackers are using fake invoice emails to spread XWorm, a remote-access trojan that quietly steals login credentials, passwords, and sensitive files from infected computers. When…