Category: Security Affairs

Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure. Threat actors are exploiting a recently discovered vulnerability, tracked as CVE-2025-3102 (CVSS score of 8.1) in the OttoKit WordPress plugin (formerly SureTriggers), a few hours after public disclosure. An…

Read more →

Laboratory Services Cooperative discloses a data breach from October 2024 that exposed personal and medical info of 1.6 million individuals. Laboratory Services Cooperative disclosed a data breach that impacted the personal and medical information of 1.6 million people. The Laboratory…

Read more →

Experts warn of brute-force login attempts on PAN-OS GlobalProtect gateways following increased scanning activity on its devices. Palo Alto Networks reports brute-force login attempts on PAN-OS GlobalProtect gateways. The security firm pointed out that no known vulnerability has been exploited,…

Read more →

Gamaredon targeted a foreign military mission in Ukraine with updated GammaSteel malware on Feb 26, 2025, per Symantec. Symantec Threat Hunter researchers reported that the Russia-linked APT group Gamaredon (a.k.a. Shuckworm, Armageddon, Primitive Bear, ACTINIUM, Callisto) targeted a foreign military mission based in…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Linux Kernel flaws, respectively tracked as CVE-2024-53197 and CVE-2024-53150, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability…

Read more →

AkiraBot, a CAPTCHA-evading Python framework, has spammed over 80,000 websites with AI-generated messages, targeting small and medium-sized businesses. SentinelOne’s SentinelLabs researchers warn that AkiraBot, a spam framework, targets websites’ chats and contact forms to promote low-quality SEO services, AkiraBot has…

Read more →

At least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures. Kaspersky researchers reported that an APT group, tracked as ToddyCat, has exploited a vulnerability in ESET software to stealthily execute malware, bypassing…

Read more →

Oracle confirmed a hacker stole credentials from two obsolete servers but said no Oracle Cloud systems or customer data were affected. Oracle confirmed a hacker stole and leaked credentials from two obsolete servers, but said no Oracle Cloud systems or…

Read more →

Fortinet addressed a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. Fortinet has released security updates to address a critical vulnerability, tracked as CVE-2024-48887 (CVSS score 9.8), in its FortiSwitch devices. A remote…

Read more →

Threat actor ‘Jabaroot’ claims breach of National Social Security Fund of Morocco, aiming to steal large volumes of sensitive citizen data. Resecurity has identified a threat actor targeting government systems in Morocco with the goal of exfiltrating large volumes of…

Read more →

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year. The US Treasury’s Office of the Comptroller of the Currency (OCC) disclosed an undetected major email breach…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Gladinet CentreStack and ZTA Microsoft…

Read more →

WhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution. WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote…

Read more →

The Tor leak site of the Everest ransomware group went offline after being hacked and defaced over the weekend. The Everest ransomware gang’s darknet site went offline after being hacked and defaced, with victim listings replaced by the following message.…

Read more →

Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days. Google released Android ‘s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path equivalence vulnerability, tracked as CVE-2025-22457,…

Read more →

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. Noah Urban, a 20-year-old from Palm Coast, pleaded guilty to conspiracy, wire fraud, and identity theft in two federal cases,…

Read more →

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. Microsoft credited the likely lone actor behind the EncryptHub alias (also known as SkorikARI) for reporting two Windows security flaws, highlighting a “conflicted”…

Read more →

A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. Silent Push researchers warn of a malicious PoisonSeed campaign that uses stolen CRM and bulk email provider credentials…

Read more →

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as “EDR-as-a-Service,” is taking hold in the cybersecurity…

Read more →