>>> BLACK FRIDAY 2025 cybersecurity deals to explore <<<

Please turn on your JavaScript for this page to function normally.

Zeljka Zorz

LockBit
LockBit hacked: What does the leaked data show?

The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing …

ClickFix
The many variants of the ClickFix social engineering tactic

As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are …

SonicWall
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)

SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete …

SysAid
PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind …

Android
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted …

Langflow
RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)

A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has …

Samsung MagicINFO
Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)

An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being …

M&S, Coop, Harrods
UK retailers under cyber attack: Co-op member data compromised

UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same …

SonicWall
Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed …

New Microsoft accounts will be “passwordless by default”

Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of …

Apple
Airplay-enabled devices open to attack via “AirBorne” vulnerabilities

Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise …

scam alert
Property renters targeted in simple BEC scam

Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools