Search results for: “ransomware”
Showing results matching your search
Refine your search
-
Honeypot Defense Turns Breach Claim Into Intelligence
Threat actors claimed breaching Resecurity. The firm responded with deception: attackers accessed a honeypot trap containing fake data. Resecurity’s defense turned an attack into intelligence collection.
·
·
6–9 minutes -
DarkSpectre Browser Extension Campaigns Expose 8.8 Million Users to Corporate Espionage
DarkSpectre is a Chinese threat actor operating three browser extension campaigns infecting 8.8 million users across Chrome, Edge, and Firefox. ShadyPanda (5.6M users) executes mass surveillance and affiliate fraud. GhostPoster (1.05M) delivers steganographic payloads. The…
·
·
5–8 minutes -
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways
SmarterTools SmarterMail CVE-2025-52691 (CVSS 10.0) allows unauthenticated attackers to upload arbitrary files to mail servers without authentication, enabling immediate remote code execution. Affects Build 9406 and earlier; patched in Build 9413 (Oct 9, 2025). Used…
·
·
11–16 minutes -
RondoDox Botnet Exploits React2Shell CVSS 10.0 to Hijack 90,300+ IoT Devices and Web Servers
A sophisticated botnet campaign spanning nine months has targeted IoT devices and web applications worldwide, exploiting React2Shell CVE-2025-55182 (CVSS 10.0) as its primary initial access vector since December 2025. With 68,400 vulnerable instances in the…
·
·
8–12 minutes -
Fortinet FortiOS CVE-2020-12812: Five-Year-Old 2FA Bypass Affecting 9,700+ Exposed Firewalls Under Active Exploitation
A five-year-old 2FA bypass vulnerability in Fortinet FortiOS continues to plague enterprise perimeter security. Over 9,700 unpatched FortiGate instances remain exposed globally as of January 2026, with active exploitation confirmed. An attacker can bypass two-factor…
·
·
7–11 minutes -
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are deploying Matrix Push C2, a new command-and-control platform for sophisticated phishing attacks. This framework uses web browser notifications to deliver malicious links across various operating systems, employing a fileless approach that bypasses…
·
·
2–4 minutes -
10 Cyber Security Tools for 2025
Cybersecurity tools protect devices, systems, applications, networks, and data from cyber threats. These solutions improve security posture, manage compliance, and maintain reputation, preventing costly fixes.
·
·
1–2 minutes -
Sanctions Hit Russia’s Bulletproof Hosting Provider
U.S., UK, and Australia sanction Russia-based Media Land for providing bulletproof hosting to ransomware groups like LockBit, BlackSuit, and Play, freezing assets and prohibiting transactions.
·
·
1–2 minutes -
What is GlobalProtect? Palo Alto Networks VPN Gateway Explained
GlobalProtect is Palo Alto Networks’ enterprise remote access gateway. This explainer covers how it works, why it matters, and the security considerations organizations should understand about CVE-2024-3400 and enterprise VPN security.
·
·
4–6 minutes -
What is a Zero-Day Vulnerability?
A zero-day vulnerability is a software flaw unknown to its vendor or the public, making it exceptionally dangerous due to immediate exploitation by malicious actors before patches are available. These vulnerabilities are critical in cyber…
·
·
2–3 minutes
