294/68 Friday, August 15, 2025 Fortinet has issued a warning regarding a critical vulnerability, identified as CVE-2025-25256, which has received a CVSS severity score of 9.8. The vulnerability is currently under active exploitation targeting FortiSIEM systems. It is classified as an OS Command Injection vulnerability that allows unauthenticated attackers to execute arbitrary commands via specially […]
293/68 Friday, August 15, 2025 Kaspersky has issued a warning about the widespread infection of the Efimer Trojan malware, first discovered in October 2024 and still active well into 2025, with over 5,000 victims reported globally. This malware exhibits multiple malicious capabilities, including replacing cryptocurrency wallet addresses to redirect funds to attacker-controlled accounts, brute-forcing WordPress […]
292/68 Thursday, August 14, 2025 The hacker group ShinyHunters has leaked data stolen from U.S. insurance company Allianz Life, exposing personal and business information of over 2.8 million records. This incident is part of a broader campaign targeting Salesforce CRM systems. Allianz Life previously confirmed on July 16 that customer data—affecting approximately 1.4 million individuals—had […]
291/68 Thursday, August 14, 2025 Cybersecurity firm GreyNoise has issued a warning about a significant spike in brute-force attacks targeting Fortinet SSL VPN devices worldwide. These attacks began on August 3, 2025, and involved over 780 unique IP addresses, with more than 56 flagged as malicious in the past 24 hours alone. The attack sources […]
290/68 Wednesday, August 13, 2025 Cybersecurity researchers Chiao-Lin “Steven Meow” Yu from Trend Micro Taiwan and Kai-Ching “Keniver” Wang from CHT Security revealed at the DEF CON hacker conference that they discovered critical vulnerabilities in Smart Bus systems. These flaws could allow attackers to remotely track vehicle locations, control systems, or surveil the interior of […]
289/68 Wednesday, August 13, 2025 Typically, when a company or organization falls victim to a ransomware attack, data recovery requires paying a ransom to the attackers-yet even payment doesn’t guarantee data restoration. However, in this case, cybersecurity experts from Profero successfully broke the encryption used by the DarkBit hacker group, enabling victims to recover their […]
288/68 Friday, August 8, 2025 Google has released the August 2025 Android security update, addressing multiple vulnerabilities — including two severe flaws in Qualcomm chipsets that have reportedly been exploited in the wild. Notably, the update patches CVE-2025-21479 (CVSS score 8.6) and CVE-2025-27038 (CVSS score 7.5), both of which impact Adreno GPU drivers used in […]
287/68 Friday, August 8, 2025 Infoblox, a leading DNS threat intelligence firm, has exposed the activities of a global cybercrime syndicate known as “VexTrio Viper.” This group has been distributing fake mobile applications through both the Google Play Store and Apple App Store under various developer names such as HolaCode, LocoMind, Hugmi, and Klover Group. […]
286/68 Thursday, August 7, 2025 On July 24, 2025, Cisco disclosed a data breach involving a third-party-managed Customer Relationship Management (CRM) system. The breach was caused by a vishing (voice phishing) attack, in which a malicious actor impersonated a trusted individual and contacted a Cisco employee via phone, ultimately gaining access to a subset of […]
285/68 Thursday, August 7, 2025 Cisco Talos has disclosed five critical security vulnerabilities in Broadcom’s BCM5820X chips, which are used in over 100 models of Dell computers – particularly in enterprise-focused devices like Dell Latitude and Precision. These systems often feature ControlVault3, a dedicated security subsystem used to store sensitive data such as passwords, fingerprint […]
