The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet. FreePBX is an open-source private branch exchange (PBX) platform…
Tag: EN
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to be assigned a CVE identifier, has been addressed in…
TransUnion Data Breach Compromises Over 4 Million Customers
In a significant data breach disclosed by TransUnion LLC, more than 4.4 million consumers had sensitive personal information compromised in late July 2025. The credit reporting agency, headquartered at 555 W. Adams Street in Chicago, Illinois, revealed the incident on…
Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware
In a concerning development for enterprise security, cybercriminals have begun exploiting Microsoft Teams—long trusted as an internal messaging and collaboration tool—to deliver PowerShell-based malware and gain unauthorized remote access to Windows systems. By impersonating IT support personnel and leveraging social…
Simple prompt or agent workflow? How not to overthink AI
The key to AI success is knowing what tool to use when. This article has been indexed from Latest news Read the original article: Simple prompt or agent workflow? How not to overthink AI
Changing these 10 settings on my OnePlus phone gave it a big performance boost
Not sure you’re getting the most out of your OnePlus device? Adjust these settings to unlock better performance and a smoother experience. This article has been indexed from Latest news Read the original article: Changing these 10 settings on my…
Google: Salesloft Drift breach hits all integrations
Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce. All tokens should be treated as compromised. Google disclosed that the Salesloft Drift OAuth breach is broader than Salesforce, affecting all integrations. GTIG and Mandiant advise all…
TransUnion Hack Exposes 4M+ Customers Personal Information
TransUnion, one of the nation’s three major credit reporting agencies, has disclosed a significant data breach that exposed the personal information of more than four million U.S. customers. The company is now alerting affected individuals about the cyber incident, which…
New Mac Malware Dubbed ‘JSCoreRunner’ Weaponizing PDF Conversion Site to Deliver Malware
A sophisticated new Mac malware campaign has emerged, targeting users through a deceptive PDF conversion website that conceals a dangerous two-stage payload. The malware, dubbed “JSCoreRunner,” represents a significant evolution in macOS threats, demonstrating how cybercriminals are adapting their techniques…
Nagios XSS Vulnerability Let Remote Attackers to Execute Arbitrary JavaScript
Nagios XI, a widely-deployed network monitoring solution, has addressed a critical cross-site scripting (XSS) vulnerability in its Graph Explorer feature that could enable remote attackers to execute malicious JavaScript code within users’ browsers. The security flaw was patched in version…
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and compromise server security. The vulnerability, tracked as CVE-2025-54370, affects multiple versions of the phpoffice/phpspreadsheet package…
How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR?
Adversary-in-the-Middle (AiTM) attacks are among the most sophisticated and dangerous phishing techniques in the modern cybersecurity landscape. Unlike traditional phishing attacks that merely collect static credentials, AiTM attacks actively intercept and manipulate communications between users and legitimate services in real-time,…
Cybercriminals Harness AI and Automation, Leaving Southeast Asia Exposed
A new study warns that cybercriminals are leveraging artificial intelligence (AI) and automation to strike faster and with greater precision, exposing critical weaknesses in Southeast Asia—a region marked by rapid digital growth and interconnected supply chains. The findings urge…
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world. To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog…
Safety-critical industries wary about using AI for cybersecurity
Finance, tech and professional services are among the sectors with the widest adoption of AI-based security tools, according to a new report. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Safety-critical industries wary…
NetScaler warns hackers are exploiting zero-day vulnerability
The company is urging customers to patch their devices immediately, saying the flaw could lead to denial of service or remote code execution. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: NetScaler warns…
US, allies warn China-linked actors still targeting critical infrastructure
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: US, allies warn China-linked actors still targeting…
Federal, state officials investigating ransomware attack targeting Nevada
The Sunday attack disrupted key services across the state and led to the theft of some data. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Federal, state officials investigating ransomware attack targeting Nevada
I replaced my deadbolt with this Apple HomeKey smart lock – and it’s an iPhone user’s dream
Say goodbye to bulky smart locks – the Matter-enabled Level Lock Pro maintains a sleek deadbolt look while packing advanced smart features. This article has been indexed from Latest news Read the original article: I replaced my deadbolt with this…
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
Operation Serengeti 2.0: With Trend Micro’s support, INTERPOL led a major crackdown across Africa, arresting cybercriminals, dismantling infrastructures, recovering illicit funds, and protecting tens of thousands of victims. This article has been indexed from Trend Micro Research, News and Perspectives…