Search results for: “ransomware”
Showing results matching your search
Refine your search
-
CISA Adds Two Roundcube Flaws to KEV: What Organizations Must Do
CISA has added two actively exploited Roundcube vulnerabilities to its Known Exploited Vulnerabilities catalog. This post explains the risk, detection steps, and remediation guidance for admins.
·
·
2–3 minutes -
Pulse Secure network hacked via backdoor embedded in its VPN software
Pulse Secure network was breached after attackers planted a backdoor in the vendor’s VPN code, according to a Bloomberg report. The intrusion affected 119 customer organizations and underscores recurring Ivanti VPN flaws.
·
·
1–2 minutes -
Covenant Health data breach widens to 478,188 patients
Covenant Health data breach totals jumped to 478,188 patients after a forensic re-scan of 1.35 million stolen files linked to the Qilin ransomware group.
·
·
6–10 minutes -
Resecurity honeypot trap sparks breach debate
Resecurity says the breach claims against it touched only a synthetic-data honeypot, while the attackers insist they stole real records. We break down how the decoy was built, what telemetry it produced, and the controls…
·
·
5–7 minutes -
Honeypot Defense Turns Breach Claim Into Intelligence
Threat actors claimed breaching Resecurity. The firm responded with deception: attackers accessed a honeypot trap containing fake data. Resecurity’s defense turned an attack into intelligence collection.
·
·
6–9 minutes -
DarkSpectre Browser Extension Campaigns Expose 8.8 Million Users to Corporate Espionage
DarkSpectre is a Chinese threat actor operating three browser extension campaigns infecting 8.8 million users across Chrome, Edge, and Firefox. ShadyPanda (5.6M users) executes mass surveillance and affiliate fraud. GhostPoster (1.05M) delivers steganographic payloads. The…
·
·
5–8 minutes -
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways
SmarterTools SmarterMail CVE-2025-52691 (CVSS 10.0) allows unauthenticated attackers to upload arbitrary files to mail servers without authentication, enabling immediate remote code execution. Affects Build 9406 and earlier; patched in Build 9413 (Oct 9, 2025). Used…
·
·
11–16 minutes -
RondoDox Botnet Exploits React2Shell CVSS 10.0 to Hijack 90,300+ IoT Devices and Web Servers
A sophisticated botnet campaign spanning nine months has targeted IoT devices and web applications worldwide, exploiting React2Shell CVE-2025-55182 (CVSS 10.0) as its primary initial access vector since December 2025. With 68,400 vulnerable instances in the…
·
·
8–12 minutes -
Fortinet FortiOS CVE-2020-12812: Five-Year-Old 2FA Bypass Affecting 9,700+ Exposed Firewalls Under Active Exploitation
A five-year-old 2FA bypass vulnerability in Fortinet FortiOS continues to plague enterprise perimeter security. Over 9,700 unpatched FortiGate instances remain exposed globally as of January 2026, with active exploitation confirmed. An attacker can bypass two-factor…
·
·
7–11 minutes -
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are deploying Matrix Push C2, a new command-and-control platform for sophisticated phishing attacks. This framework uses web browser notifications to deliver malicious links across various operating systems, employing a fileless approach that bypasses…
·
·
2–4 minutes
