Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms
A decade-old Remote Code Execution (RCE) flaw in Roundcube, the widely used open-source email client, has escalated into a global…
China-Linked APTs exploit critical SAP NetWeaver vulnerability to breach over 580 systems globally
In a significant escalation of cyber-espionage activities, multiple China-affiliated advanced persistent threat (APT) groups have been found actively exploiting a…
MITRE Signals Critical Risk to CVE Program as Federal Funding Expires
The cybersecurity world faces a significant challenge as the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global vulnerability…
The Ballista Botnet: a new IoT threat with italian roots
Cato Networks has uncovered a sophisticated IoT botnet, dubbed Ballista, targeting TP-Link Archer routers by exploiting a two-year-old vulnerability (CVE-2023-1389).…
Fog’s dubious GitLab claims: investigation on instances
One name that has been gaining traction since late January is Fog, a ransomware operation that has been particularly vocal…
A critical race condition vulnerability (CVE-2025-24118) in Apple’s macOS kernel has been discovered
A critical vulnerability has been identified in the macOS kernel (XNU), designated as CVE-2025-24118, which poses significant risks for users…
Critical vulnerability in the 7-Zip file archiver allows attackers to bypass MotW
A significant security vulnerability has been identified in the popular file archiver 7-Zip, allowing attackers to bypass the Windows Mark…
Murdoc_Botnet: researchers have identified a campaign exploiting vulnerabilities in AVTECH IP cameras, in a variant of Mirai
Cybersecurity researchers have raised alarms over the emergence of the Murdoc_Botnet, a new variant of the infamous Mirai botnet that…