Please turn on your JavaScript for this page to function normally.
Phishing
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in …

Agentic AI
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI …

Salesforce
Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those …

Plex Media Server
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for …

Netscaler
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) – updated!

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been …

git
Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not …

ScreenConnect
ScreenConnect admins targeted with spoofed login alerts

ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of …

ClickFix
Fake macOS help sites push Shamos infostealer via ClickFix technique

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers …

cloud
China-linked Murky Panda targets and moves laterally through cloud services

In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to …

russian flag
Russian threat actors using old Cisco bug to target critical infrastructure orgs

A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old …

Amazon S3
AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged

AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them as …

Apple
Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools