Zeljka Zorz
Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the …
Ransomware payments plummet as more victims refuse to pay
Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. …
Suspected NATO, UN, US Army hacker arrested in Spain
The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation …
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore …
Swap EOL Zyxel routers, upgrade Netgear ones!
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting …
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate …
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver …
Casio UK site compromised, equipped with web skimmer
Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has …
DeepSeek’s popularity exploited to push malicious packages via PyPI
Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they …
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a …
Cybercrime forums Cracked and Nulled seized, operators arrested
Law enforcement from Germany, Australia, Spain, Greece, Romania, Italy, France and the USA have seized and shut down Cracked and Nulled, the two largest cybercrime forums in …
SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
Attackers may have exploited vulnerabilities in the SimpleHelp remote monitoring and management solution to gain initial access to healthcare organizations. About the …
Featured news
Resources
Don't miss
- Commix: Open-source OS command injection exploitation tool
- Review: The Chief AI Officer’s Handbook
- How QR code attacks work and how to protect yourself
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
- OSPS Baseline: Practical security best practices for open source software projects