Search results for: “network security”
Showing results matching your search
Refine your search
-
Honeypot Defense Turns Breach Claim Into Intelligence
Threat actors claimed breaching Resecurity. The firm responded with deception: attackers accessed a honeypot trap containing fake data. Resecurity’s defense turned an attack into intelligence collection.
·
·
6–9 minutes -
Finnish Authorities Detain Crew and Seize Vessel After Undersea Cable Severed: Aggravated Sabotage Probe Uncovers Sanctioned Cargo
Finnish authorities detained 14 crew aboard the Fitburg cargo ship after a critical undersea cable linking Helsinki to Estonia was severed on New Year’s Eve. Two crew members—Russian and Azerbaijani nationals—face arrest on aggravated sabotage…
·
·
9–14 minutes -
European Space Agency Data Breach Exposes 200GB of Infrastructure and Source Code
A hacker claiming the alias 888 alleges a breach of the European Space Agency on December 18, 2025, claiming theft of 200GB of internal data including private repositories, project management systems, CI/CD configurations, and hardcoded…
·
·
6–9 minutes -
Tokyo FM Data Breach Claims 3 Million Records Exposed
On January 1, 2026, an attacker announced access to Tokyo FM Broadcasting Co., Ltd.’s internal systems, claiming to have exfiltrated 3 million listener and employee records. The dataset reportedly includes personal identifiers (names, emails, IP…
·
·
4–6 minutes -
Roundcube CVE-2025-68461: SVG XSS Vulnerability Enables Silent Email Account Takeover Through Malicious Animate Tags
Roundcube Webmail contains a Cross-Site Scripting vulnerability (CVE-2025-68461, CVSS 7.2) that enables attackers to hijack email accounts by sending malicious SVG files. The flaw exploits improper sanitization of SVG animate tags to execute JavaScript in…
·
·
4–6 minutes -
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways
SmarterTools SmarterMail CVE-2025-52691 (CVSS 10.0) allows unauthenticated attackers to upload arbitrary files to mail servers without authentication, enabling immediate remote code execution. Affects Build 9406 and earlier; patched in Build 9413 (Oct 9, 2025). Used…
·
·
11–16 minutes -
IBM API Connect CVE-2025-13915: Critical Authentication Bypass Affecting Enterprise API Gateways at Major Financial and Telecom Organizations
IBM API Connect (CVSS 9.8) authentication bypass allows remote attackers to completely bypass login mechanisms and gain unauthorized access to centralized API gateways serving banks, airlines, and telecommunications companies. Affects versions 10.0.8.0-10.0.8.5, 10.0.11.0, 10.0.15.0 with…
·
·
12–19 minutes -
n8n CVE-2025-68613: Expression Injection Enables Arbitrary Code Execution on 103,476 Workflow Automation Instances
A critical expression injection vulnerability in n8n workflow automation platform (CVSS 9.9) allows authenticated attackers to execute arbitrary code with process privileges. 103,476 exposed instances identified globally, with rapid patching required to prevent credential theft…
·
·
11–16 minutes -
WatchGuard Fireware CVE-2025-14733: Out-of-Bounds Write in iked Enables Unauthenticated RCE on 117,490+ Exposed Firewalls
A critical out-of-bounds write vulnerability in WatchGuard Fireware OS allows unauthenticated remote attackers to execute arbitrary code on perimeter devices via malicious IKEv2 packets. 117,490 exposed instances globally, 35,600+ in the U.S., with active exploitation…
·
·
11–16 minutes -
RondoDox Botnet Exploits React2Shell CVSS 10.0 to Hijack 90,300+ IoT Devices and Web Servers
A sophisticated botnet campaign spanning nine months has targeted IoT devices and web applications worldwide, exploiting React2Shell CVE-2025-55182 (CVSS 10.0) as its primary initial access vector since December 2025. With 68,400 vulnerable instances in the…
·
·
8–12 minutes
