Latest news

A Silent Vulnerability Exposed: How Hackers Used Hidden Commands to Steal Sensitive Data
Vulnerability

A Silent Vulnerability Exposed: How Hackers Used Hidden Commands to Steal Sensitive Data

3 December 2025 dark6

Microsoft’s seemingly “unremarkable” November 2025 Patch Tuesday update actually contained a major security fix. But even the most meticulous patching...
Read more 0
FortiWeb CVE-2025-64446 PoC: a critical weapon now widely available
Vulnerability

FortiWeb CVE-2025-64446 PoC: a critical weapon now widely available

16 November 2025 dark6

The cybersecurity landscape has shifted once again, driven by the public release of a proof-of-concept exploit targeting the critical vulnerability...
Read more 0
NVIDIA NeMo Framework: a critical cascade of vulnerabilities
Vulnerability

NVIDIA NeMo Framework: a critical cascade of vulnerabilities

14 November 2025 dark6

The NVIDIA NeMo Framework, a cornerstone of conversational AI development, has recently revealed a significant and frankly concerning weakness. The...
Read more 0
Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms
Vulnerability

Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms

6 June 2025 securebulletin.com

A decade-old Remote Code Execution (RCE) flaw in Roundcube, the widely used open-source email client, has escalated into a global...
Read more 0
China-Linked APTs exploit critical SAP NetWeaver vulnerability to breach over 580 systems globally
Cybercrime

China-Linked APTs exploit critical SAP NetWeaver vulnerability to breach over 580 systems globally

13 May 2025 securebulletin.com

In a significant escalation of cyber-espionage activities, multiple China-affiliated advanced persistent threat (APT) groups have been found actively exploiting a...
Read more 0
MITRE Signals Critical Risk to CVE Program as Federal Funding Expires
Vulnerability

MITRE Signals Critical Risk to CVE Program as Federal Funding Expires

15 April 2025 securebulletin.com

The cybersecurity world faces a significant challenge as the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global vulnerability...
Read more 0
The Ballista Botnet: a new IoT threat with italian roots
Malware

The Ballista Botnet: a new IoT threat with italian roots

11 March 2025 securebulletin.com

Cato Networks has uncovered a sophisticated IoT botnet, dubbed Ballista, targeting TP-Link Archer routers by exploiting a two-year-old vulnerability (CVE-2023-1389)....
Read more 0
Fog’s dubious GitLab claims: investigation on instances
Ransomware

Fog’s dubious GitLab claims: investigation on instances

6 March 2025 securebulletin.com

One name that has been gaining traction since late January is Fog, a ransomware operation that has been particularly vocal...
Read more 0
A critical race condition vulnerability (CVE-2025-24118) in Apple’s macOS kernel has been discovered
Vulnerability

A critical race condition vulnerability (CVE-2025-24118) in Apple’s macOS kernel has been discovered

3 February 2025 securebulletin.com

A critical vulnerability has been identified in the macOS kernel (XNU), designated as CVE-2025-24118, which poses significant risks for users...
Read more 0
Critical vulnerability in the 7-Zip file archiver allows attackers to bypass MotW
Vulnerability

Critical vulnerability in the 7-Zip file archiver allows attackers to bypass MotW

21 January 2025 dark6

A significant security vulnerability has been identified in the popular file archiver 7-Zip, allowing attackers to bypass the Windows Mark...
Read more 0
Murdoc_Botnet: researchers have identified a campaign exploiting vulnerabilities in AVTECH IP cameras, in a variant of Mirai
Cybercrime

Murdoc_Botnet: researchers have identified a campaign exploiting vulnerabilities in AVTECH IP cameras, in a variant of Mirai

21 January 2025 dark6

Cybersecurity researchers have raised alarms over the emergence of the Murdoc_Botnet, a new variant of the infamous Mirai botnet that...
Read more 0
Vulnerability in the Aviatrix Controller used to deploy backdoors
Vulnerability

Vulnerability in the Aviatrix Controller used to deploy backdoors

13 January 2025 securebulletin.com

A critical security vulnerability in the Aviatrix Controller cloud networking platform, identified as CVE-2024-50603, is currently being exploited by cybercriminals...
Read more 0