Cybersecurity Articles

252/68 Monday, July 14, 2025 Fortinet has released a patch to address a critical vulnerability, tracked as CVE-2025-25257, with a CVSS severity score of 9.6/10. The flaw affects FortiWeb devices and allows unauthenticated attackers to send specially crafted SQL commands via HTTP or HTTPS requests, potentially granting unauthorized access to the database or allowing execution […]

251/68 Monday, July 14, 2025 Cybersecurity researchers have discovered a critical vulnerability in McHire, the chatbot-powered hiring platform used by McDonald’s to recruit employees across the United States. The flaw exposed personal data and chat conversations from over 64 million job applications, primarily due to the system’s admin panel using weak default credentials—both the username […]

250/68 Wednesday, July 9, 2025 A group of hackers has stolen more than $140 million USD from six banks in Brazil by exploiting the credentials of an employee at C&M, a financial connectivity solutions provider. The incident occurred on June 30, when attackers tricked a C&M employee into handing over login information and executing specific […]

249/68 Wednesday, July 9, 2025 Cybersecurity experts from Arctic Wolf and Zscaler have issued warnings about an ongoing SEO poisoning campaign-where cybercriminals manipulate Google search results to lure users, especially small and medium-sized businesses (SMBs), into downloading malware disguised as legitimate software. The primary malware used in this campaign is Oyster Loader (also known as […]

248/68 Tuesday, July 8, 2025 Cybersecurity experts from SentinelOne have issued a warning regarding a threat group linked to North Korea that is actively targeting Web3 and cryptocurrency companies. The group is distributing a macOS malware known as NimDoor, disguised as a fake Zoom update. The malware is written in the Nim programming language, which […]

247/68 Tuesday, July 8, 2025 Cybersecurity experts from Check Point have issued a warning to online shoppers about cybercriminals targeting the upcoming Amazon Prime Day, which will take place on July 8. The warning follows the discovery that over 1,000 fake domains mimicking “Amazon” and “Amazon Prime” were registered in June alone. Of these, more […]

246/68 Monday, July 7, 2025 Ingram Micro, one of the world’s largest B2B technology distributors, has been experiencing prolonged system outages since last Thursday. According to a report by BleepingComputer, the incident has now been confirmed as a ransomware attack carried out by the SafePay group, which managed to breach the company’s internal systems. Several […]

245/68 Monday, July 7, 2025 The ransomware group Hunters International officially announced its shutdown on July 4, 2025, after nearly two years of cybercriminal activity. The group confirmed 55 successful attacks, with another 199 unconfirmed incidents. Known for operating under the Ransomware-as-a-Service (RaaS) model, Hunters International employed double extortion tactics-encrypting victims’ files while also stealing […]

244/68 Friday, July 4, 2025 Google has issued a security update to patch a zero-day vulnerability, CVE-2025-6554, that has been actively exploited in the wild. The flaw lies in Chrome’s V8 JavaScript and WebAssembly engine and is classified as a type confusion vulnerability. It allows attackers to perform unauthorized read and write operations in memory […]

243/68 Friday, July 4, 2025 Cybersecurity experts from Defiant have disclosed a critical vulnerability in the popular WordPress plugin Forminator, which is used to create forms such as contact forms, payment forms, and surveys. The plugin has over 600,000 active installations worldwide. The vulnerability, identified as CVE-2025-6463, has been assigned a CVSS severity score of […]