Fortinet patched 18 flaws, including two authentication-bypass bugs affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO enabled. Fortinet addressed 18 vulnerabilities, including two authentication-bypass flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), affecting FortiOS, FortiWeb, FortiProxy, and…
IT Security News Daily Summary 2025-12-10
157 posts were published in the last hour 22:2 : 700+ self-hosted Gits battered in 0-day attacks with no fix imminent 21:32 : Releasing Open Source Tools to the Community 21:31 : CEO of South Korean retail giant Coupang resigns…
700+ self-hosted Gits battered in 0-day attacks with no fix imminent
More than half of internet-exposed instances already compromised. Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn’t yet have a fix.… This article has been indexed from The Register…
Releasing Open Source Tools to the Community
Every now and then, I get contacted by someone who tells me that they used the open source tools I’ve released in either a college course they took, or in a course provided by one of the many training vendors in…
CEO of South Korean retail giant Coupang resigns after massive data breach
The massive data breach at the South Korean retail giant Coupang affects more than half of the country’s population. This article has been indexed from Security News | TechCrunch.
SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks In Split Learning
Session 5C: Federated Learning 1. Authors, Creators & Presenters: Phillip Rieger (Technical University of Darmstadt), Alessandro Pegoraro (Technical University of Darmstadt), Kavita Kumari (Technical University of Darmstadt), Tigist Abera (Technical University of Darmstadt), Jonathan Knauer (Technical University of Darmstadt), Ahmad-Reza…
HTTPS certificate industry phasing out less secure domain validation methods
Posted by Chrome Root Program Team. Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process and issuance practices behind it. Recently, the Chrome Root Program and the CA/Browser Forum…
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress. This includes a…
Torrent for DiCaprio’s “One Battle After Another” Movie Drops Agent Tesla
Bitdefender researchers warn that the torrent for Leonardo DiCaprio’s One Battle After Another is a trap deploying Agent Tesla malware. Learn how the fileless LOTL attack targets unsuspecting Windows users. This article has been indexed from Hackread – Cybersecurity News,…
IT Security News Hourly Summary 2025-12-10 21h : 5 posts
5 posts were published in the last hour 20:2 : How Migrating to Hardened Container Images Strengthens the Secure Software Development Lifecycle 20:2 : .NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL 19:32…
How Migrating to Hardened Container Images Strengthens the Secure Software Development Lifecycle
Container images are the key components of the software supply chain. If they are vulnerable, the whole chain is at risk. This is why container image security should be at the core of any Secure Software Development Lifecycle (SSDLC) program.…
.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the “invalid cast vulnerability” SOAPwn, said the issue impacts Barracuda Service Center RMM,…
NIST Plans to Build Threat and Mitigation Taxonomy for AI Agents
The U.S. National Institute of Standards and Technology (NIST) is building a taxonomy of attacks and mitigations for securing artificial intelligence (AI) agents. Speaking at the AI Summit New York conference, Apostol Vassilev, a research team supervisor for NIST, told…
Response to CISA Advisory (AA25-343A): Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
AttackIQ has issued recommendations in response to the Cybersecurity Advisory (CSA) released by the Cybersecurity and Infrastructure Security Agency (CISA) on December 9, 2025, which details the ongoing targeting of critical infrastructure by pro-Russia hacktivists. The post Response to CISA…
From awareness to action: Building a security-first culture for the agentic AI era
The insights gained from Cybersecurity Awareness Month, right through to Microsoft Ignite 2025, demonstrate that security remains a top priority for business leaders. The post From awareness to action: Building a security-first culture for the agentic AI era appeared first…
AISLE Uncovers Traefik Bug That Disabled TLS Verification for Months
A Traefik misconfiguration disabled TLS checks across Kubernetes clusters. The post AISLE Uncovers Traefik Bug That Disabled TLS Verification for Months appeared first on eSecurity Planet.
New Spiderman Phishing Kit Lets Attackers Create Malicious Bank Login Pages in Few Clicks
A sophisticated new phishing framework dubbed “Spiderman” has emerged in the cybercrime underground, dramatically lowering the barrier to entry for financial fraud. This toolkit, observed by Varonis, allows threat actors, even those with minimal technical skill, to spin up pixel-perfect…
Over 644,000 Domains Exposed to Critical React Server Components Vulnerability
The Shadowserver Foundation has released alarming new data regarding the exposure of web applications to CVE-2025-55182, a critical vulnerability affecting React Server Components. Following significant improvements to their scanning methodologies, researchers have identified a massive attack surface comprising over 165,000…
Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS
A critical stored cross-site scripting vulnerability in Ivanti Endpoint Manager (“EPM”) versions 2024 SU4 and below could enable attackers to hijack administrator sessions without authentication. The vulnerability, identified as CVE-2025-10573, has been assigned a CVSS score of 9.6 and…
Microsoft won’t fix .NET RCE bug affecting slew of enterprise apps, researchers say
Devs and users should know better, Microsoft tells watchTowr. Security researchers have revealed a .NET security flaw thought to affect a host of enterprise-grade products that they say Microsoft refuses to fix.… This article has been indexed from The Register…
US extradites Ukrainian woman accused of hacking meat processing plant for Russia
The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility. A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed…
When Vendors Become the Vulnerability: What the Marquis Software Breach Signals for Financial Institutions
In December 2025, a ransomware attack on Marquis Software Solutions, a data analytics and marketing vendor serving the financial sector, compromised sensitive customer information held by multiple banks and credit unions, according to Infosecurity Magazine. The attackers reportedly gained access…
Flare Finds 10,000 Docker Hub Images Exposing Sensitive Secrets
Flare found over 10,000 Docker Hub images leaking sensitive credentials. The post Flare Finds 10,000 Docker Hub Images Exposing Sensitive Secrets appeared first on eSecurity Planet.
2 Men Linked to China’s Salt Typhoon Hacker Group Likely Trained in a Cisco ‘Academy’
The names of two partial owners of firms linked to the Salt Typhoon hacker group also appeared in records for a Cisco training program—years before the group targeted Cisco’s devices in a spy campaign. This article has been indexed from…