Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Fortinet FortiWeb Zero-Day Actively Exploited
A severe security vulnerability in Fortinet’s FortiWeb web application firewall is actively exploited, allowing attackers to bypass authentication. This zero-day flaw impacts FortiWeb versions 8.0.1 and earlier. Update to 8.0.2 or later to protect against this vulnerability.
-
IndonesianFoods-worm Floods NPM Registry
A sophisticated self-replicating ‘IndonesianFoods-worm’ has flooded the npm registry with tens of thousands of malicious packages. This aggressive campaign, documented by SourceCodeRed and JFrog, poses a significant threat to the software supply chain.
-
What is OpenID Connect (OIDC)? — Explainer tied to CVE-2025-54603
A concise explainer of OpenID Connect (OIDC) and how product-level OIDC misimplementations (as in CVE-2025-54603) can lead to authentication bypasses.
-
What is GlobalProtect? Palo Alto Networks VPN Gateway Explained
GlobalProtect is Palo Alto Networks’ enterprise remote access gateway. This explainer covers how it works, why it matters, and the security considerations organizations should understand about CVE-2024-3400 and enterprise VPN security.
-
ShadowMQ Flaw Exposes AI Inference Engines to Remote Code Execution
Oligo Security found a recurring ZeroMQ/pickle deserialization flaw affecting multiple AI inference frameworks; several vendors have issued patches.
-
PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens
PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.
-
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases
Safery is a malicious Chrome wallet extension that hides stolen Ethereum seed phrases inside Sui micro-transactions; defenders should monitor unexpected browser RPC calls and on-chain writes during wallet import.
-
Cisco RCE Vulnerability Affects Security Appliances
Cisco has identified a critical RCE vulnerability, CVE-2024-20353, affecting its Secure Web Appliance and Secure Email Gateway products. Immediate updates are urged.
-
Unnamed APT Exploits Zero-Days in Citrix and Cisco, Targeting Critical Infrastructure
An unnamed advanced persistent threat (APT) group exploited zero-day vulnerabilities in Citrix NetScaler ADC and Gateway, dubbed “CitrixBleed 2,” and a critical flaw in Cisco Identity Service Engine (ISE). The attacks targeted essential identity and network access control infrastructure.
-
Canada Imposes New Sanctions on Russian Drone and Energy Production
Canada has imposed new sanctions on Russia, targeting its drone and energy industries, and infrastructure implicated in cyberattacks against Ukraine. These measures escalate economic pressure aimed at curbing Russia’s ongoing conflict.