A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0. “CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ…
This Apple Watch model is my favorite and I use it daily – right now, it’s over 30% off
I love the Apple Watch SE (2nd Gen) for its basic features and fair price, and it’s currently on sale at Walmart.
Radiology Associates of Richmond data breach impacts 1.4 million people
A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals. Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals.…
Grafana Vulnerabilities Allow User Redirection to Malicious Sites and Code Execution in Dashboards
Two significant Grafana vulnerabilities could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerabilities, identified as CVE-2025-6023 and CVE-2025-6197, affect multiple versions of Grafana, including 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x branches. Both…
Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by…
Apple’s latest iPad hit a new low price at Walmart – and it’s available in every color
Apple’s 11th-generation iPad is available for $50 off. This deal applies to every color and storage size option.
SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access
A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active…
Customer guidance for SharePoint vulnerability CVE-2025-53770
Summary: Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770. SharePoint Online in Microsoft 365 is not impacted. A patch is currently not available for…
New EU AI Act Compliance Guide – Just Weeks Before August Deadline
The EU has released a guide for how large AI makers can comply with the AI Act’s newly instituted rules to prevent systemic risks.
Microsoft says it will no longer use engineers in China for Department of Defense work
Following a Pro Publica report that Microsoft was using engineers in China to help maintain cloud computing systems for the U.S. Department of Defense, the company said it’s made changes to ensure this will no longer happen.
Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting a critical Fortinet FortiWeb flaw, tracked as CVE-2025-25257 (CVSS score of 9.6), on the same day a proof-of-concept (PoC) exploit…
Linux Distribution Designed for Seamless Anonymous Browsing
Despite the fact that operating systems like Windows and macOS continue to dominate the global market, Linux has gained a steady following among users who value privacy and security as well as cybersecurity professionals, thanks to its foundational principles: transparency,…
Major Breach at Medical Billing Giant Results in The Data Leak of 5.4 Million Users
Episource, the medical billing behemoth, has warned millions of Americans that a hack earlier this year resulted in the theft of their private and medical data. According to a listing with the United States Department of Health and Human…
Episource Healthcare Data Breach Exposes Personal Data of 5.4 Million Americans
In early 2025, a cyberattack targeting healthcare technology provider Episource compromised the personal and medical data of over 5.4 million individuals in the United States. Though not widely known to the public, Episource plays a critical role in the…
Over 2 Million Users Affected: Browser Extensions Turned Into Silent Spying Tools
An alarming cyber threat has come to light involving common browser extensions used by millions across the world. According to a recent investigation by cybersecurity firm Koi Security, at least 18 browser add-ons, once considered safe, were secretly turned into…
At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds
Of those, more than 200 appear to have had outages of services related to patient care following CrowdStrike’s disastrous crash, researchers have revealed.
These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers.
New Veeam-Themed Phishing Attack Using Weaponized WAV File to Attack Users
A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents an evolution in social engineering tactics, combining traditional phishing techniques with audio-based deception to…
Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware
A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this ongoing campaign has established an extensive infrastructure comprising more than 2,800 malicious domains specifically designed…
Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials
A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails impersonating TUSAŞ (Turkish Aerospace Industries). The malicious campaign distributes files disguised as contractual documents, specifically…