Search results for: “network security”
Showing results matching your search
Refine your search
-
Fortinet FortiOS CVE-2020-12812: Five-Year-Old 2FA Bypass Affecting 9,700+ Exposed Firewalls Under Active Exploitation
A five-year-old 2FA bypass vulnerability in Fortinet FortiOS continues to plague enterprise perimeter security. Over 9,700 unpatched FortiGate instances remain exposed globally as of January 2026, with active exploitation confirmed. An attacker can bypass two-factor…
·
·
7–11 minutes -
Transparent Tribe APT36: Weaponized Shortcuts and Adaptive Persistence Target Indian Government Entities
Transparent Tribe (APT36) launches a sophisticated multi-stage malware campaign using weaponized Windows shortcut files embedded with PDF content, targeting Indian government and academic institutions. The RAT adapts its persistence mechanisms based on installed antivirus products,…
·
·
5–7 minutes -
MongoDB MongoBleed CVE-2025-14847: Unauthenticated Memory Leak Under Active Exploitation
A critical pre-authentication memory disclosure vulnerability in MongoDB allows attackers to leak heap memory without credentials. With 87,000+ vulnerable instances globally and active exploitation confirmed, CISA has mandated patches for Federal agencies by January 19,…
·
·
3–5 minutes -
Russia Shutters Poland’s Consulate in Irkutsk in Tit-for-Tat Measure
Russia’s Foreign Ministry has announced the closure of Poland’s consulate in Irkutsk, a tit-for-tat measure responding to Warsaw’s recent decision to shut down one of Russia’s consulates. This leaves both nations with only one diplomatic…
·
·
1–2 minutes -
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
This week’s cybersecurity bulletin highlights the re-emergence of Mirai-based botnets targeting IoT devices, a surge in sophisticated phishing attacks leveraging AI, and efforts by Singapore to curb government impersonation scams. It also covers privacy upgrades…
·
·
2–3 minutes -
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
The threat actor ToddyCat is using new hacking tools to steal corporate email data, including a custom tool called TCSectorCopy. They aim to obtain OAuth 2.0 authorization tokens from user browsers for accessing corporate mail.…
·
·
2–3 minutes -
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Five new vulnerabilities have been discovered in Fluent Bit, a popular open-source telemetry agent. These flaws could be exploited to compromise and take over cloud infrastructures, raising significant security concerns. Successful exploitation means attackers could…
·
·
2–3 minutes -
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
A new report highlights a concerning trend with China’s DeepSeek-R1 AI model. Research shows it generates code with significant security vulnerabilities when prompted with politically sensitive topics. Cybersecurity firm CrowdStrike found that the likelihood of…
·
·
2–3 minutes -
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding a critical, actively exploited zero-day vulnerability in Oracle Identity Manager (CVE-2025-52054). This flaw, with a CVSS score of 9.8, allows remote…
·
·
2–3 minutes -
Cloudflare Outage Disrupts X, ChatGPT
Cloudflare outage on November 18 disrupted major internet platforms globally. X (formerly Twitter) and ChatGPT were affected. Cloudflare investigated and resolved the widespread issue.
·
·
1–2 minutes
