Fortinet has released an urgent security advisory addressing a newly discovered zero-day vulnerability, CVE-2025-58034, in its FortiWeb web application firewall platform, after evidence emerged of active exploitation in the wild. The flaw, characterized as improper neutralization of special elements used…
Category: Cyber Security News
Cloudflare Discloses Technical Details Behind Massive Outage that Breaks the Internet
Cloudflare published a comprehensive report detailing the causes of a major network failure that disrupted global internet traffic for several hours, affecting millions of users and various services. The outage, which began at 11:20 UTC, stemmed from an internal configuration…
WhatsApp Screen-Sharing Scam Let Attackers Trick Users into Revealing Sensitive Data
A dangerous scam targeting WhatsApp users has emerged as one of the fastest-growing threats across messaging platforms worldwide. The scheme exploits WhatsApp’s screen-sharing feature, introduced in 2023, to manipulate users into exposing their most sensitive financial and personal information. Reports…
Cloudflare Global Outage Breaks Internet – Major Platforms on the Internet Go Down
A widespread outage at Cloudflare, a critical internet infrastructure provider, disrupted access to numerous high-profile websites and services on November 18, 2025, causing intermittent failures across the global web. The issue stemmed from an internal service degradation that triggered HTTP…
Princeton University Data Breach – Database with Donor Info Compromised
Princeton University faced a security incident on November 10, 2025, when outside attackers gained unauthorized access to a database managed by the University Advancement department. The compromised database contained personal information of alumni, donors, faculty members, students, parents, and other…
Remcos RAT C2 Activity Mapped Along with The Ports Used for Communications
Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as administrative software, has become a serious threat in the cybersecurity landscape. Developed in the mid-2010s, this malware enables attackers to execute remote commands, steal files, capture screens, log…
Authorities Seized Thousands of Servers from Rogue Hosting Company Used to Fuel Cyberattacks
In a major law enforcement operation conducted on November 12, 2025, the East Netherlands cybercrime team successfully dismantled a significant criminal infrastructure. Authorities seized approximately 250 physical servers located in data centers across The Hague and Zoetermeer, which collectively powered…
Imunify AI-Bolit Vulnerability Let Execute Arbitrary Code and Escalate Privileges to Root
A serious security flaw was discovered in the AI-Bolit component of Imunify products. This vulnerability allows attackers to run arbitrary code and even become root on a server. Imunify released a fix on October 23, 2025, and most servers have…
W3 Total Cache Command Injection Vulnerability Exposes 1 Million WordPress Sites to RCE Attacks
A critical command injection vulnerability has been discovered in the W3 Total Cache plugin, one of WordPress’s most popular caching solutions used by approximately 1 million websites. The vulnerability, tracked as CVE-2025-9501 with a CVSS severity score of 9.0 (Critical), allows unauthenticated attackers to execute…
Lazarus APT Group New ScoringMathTea RAT Enables Remote Command Execution Among Other Capabilities
The Lazarus APT Group has unveiled a new Remote Access Trojan called ScoringMathTea, representing a significant advancement in their cyberattack capabilities. This C++ based malware was identified as part of Operation DreamJob, a campaign aligned with the North Korean government.…
UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins
Since mid-2024, a sophisticated Iranian-backed threat group known as UNC1549 has been conducting targeted campaigns against aerospace, aviation, and defense organizations across the globe. The hackers employ an advanced dual approach, combining carefully crafted phishing campaigns with the exploitation of…
Everest Ransomware Group Allegedly Exposes 343 GB of Sensitive Data in Major Under Armour Breach
The notorious Everest ransomware group has claimed responsibility for a major cyber breach against Under Armour, the global sportswear giant, alleging the theft of 343 GB of internal data that could impact millions of customers and employees worldwide. The announcement,…
CISA Warns of Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about a severe vulnerability in Lynx+ Gateway devices that could expose sensitive information in clear text during transmission. The flaw allows attackers to catch network traffic and obtain…
Google Reveals Public Preview of Alert Triage and Investigation Agent for Security Operations
Google has announced the public preview of its Alert Triage and Investigation agent, a significant advancement in artificial intelligence-driven security operations. The intelligent agent is now embedded directly within Google Security Operations, helping security teams process alerts faster and more effectively.…
Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups
Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target…
IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands
IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical…
Record-Breaking 15 Tbps DDoS Attack From 500,000+ Devices Hits Azure Network
Microsoft Azure thwarted what may be the largest distributed denial-of-service (DDoS) attack ever recorded in the cloud on October 24. The attack peaked at 15.72 terabits per second (Tbps) and unleashed nearly 3.64 billion packets per second (pps), targeting a…
Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild
Google has rushed out a critical update for its Chrome browser to address a zero-day vulnerability actively exploited in the wild, urging users to update immediately to mitigate the risk posed by sophisticated attackers. The patch, rolled out in Chrome…
Payroll Pirates – Network of Criminal Groups Hijacking Payroll Systems
Cyber threats are changing how they reach victims. A financially motivated criminal network called Payroll Pirates has been quietly attacking payroll systems, credit unions, and trading platforms across the United States since mid-2023. Their weapon of choice is malvertising, where…
Threat Actors can Use Xanthorox AI Tool to Generate Different Malicious Code Based on Prompts
Cybersecurity researchers have uncovered a dangerous new tool making waves across darknet forums and criminal communities. Xanthorox, a malicious artificial intelligence platform, has emerged as a serious concern for the security industry. The tool works like a regular chatbot, similar…