277/68 Friday, August 1, 2025 Following the enforcement of the UK’s Online Safety Act, which came into effect last Friday, VPN (Virtual Private Network) usage across the country has skyrocketed. The new law requires websites to strictly verify users’ ages, prompting a massive surge in VPN traffic. According to Top10VPN, VPN usage in the UK […]
276/68 Thursday, July 31, 2025 On July 28, 2025, pro-Ukrainian hacker groups Silent Crow and the Belarusian Cyber-Partisans claimed responsibility for a major cyberattack targeting Russia’s flagship airline Aeroflot, which crippled the company’s IT systems and forced the cancellation of over 100 flights. The Aeroflot website became inaccessible, and the Russian government later confirmed it […]
275/68 Thursday, July 31, 2025 Cybersecurity researchers from Graz University of Technology in Austria have unveiled a novel attack technique called “Choicejacking,” which tricks smartphones into enabling USB data transfer without user consent, bypassing protections originally designed to prevent Juice Jacking attacks. By simply plugging a phone into a compromised public charger or USB cable […]
274/68 Wednesday, July 30, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has issued an official advisory regarding a critical vulnerability-CVE-2023-2533-in PaperCut NG/MF software, which is actively being exploited in cyberattacks. This vulnerability enables remote code execution through Cross-Site Request Forgery (CSRF), allowing an attacker to gain control of a system if an administrator-while still […]
273/68 Wednesday, July 30, 2025 Security researchers from Patchstack have disclosed a critical vulnerability in the popular Post SMTP plugin for WordPress, which is used by over 400,000 websites globally to manage email delivery. The flaw, tracked as CVE-2025-24000, stems from a Broken Access Control issue that allows unauthorized access to sensitive data by low-privileged […]
272/68 Tuesday, July 29, 2025 International law enforcement agencies have taken down the .onion websites operated by the BlackSuit ransomware group, which were used to leak victim data via the TOR network. A seizure banner displayed on the sites confirms the operation was led by U.S. Homeland Security Investigations (HSI), featuring logos from 17 international […]
271/68 Tuesday, July 29, 2025 Cybersecurity researchers from Nozomi Networks have disclosed the discovery of more than 12 vulnerabilities in the Niagara Framework, an intelligent device management system developed by Tridium, a subsidiary of Honeywell. These vulnerabilities could be exploited by attackers within the same network, especially when misconfigurations leave encryption disabled. When chained together, […]
270/68 Friday, July 25, 2025 Sophos has released fixes for five vulnerabilities affecting its Sophos Firewall product, including two critical flaws that could allow unauthenticated remote code execution (RCE), potentially enabling attackers to gain full control over affected devices. The vulnerabilities addressed include: Sophos confirmed that all five vulnerabilities have been addressed via a hotfix. […]
269/68 Friday, July 25, 2025 Cybersecurity experts at Sucuri have uncovered a new tactic used by threat actors to exploit WordPress systems by embedding a backdoor into a special type of plugin known as a “mu-plugin” (Must-Use Plugin). These plugins are placed in the wp-content/mu-plugins directory and are automatically enabled on every WordPress site without […]
268/68 Thursday, July 24, 2025 Cisco has issued a cybersecurity advisory regarding three critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products, which have been actively exploited. All three vulnerabilities carry the maximum CVSS severity score of 10.0 and allow unauthenticated remote code execution (RCE), enabling attackers to take […]
