Please turn on your JavaScript for this page to function normally.
wireless router
Swap EOL Zyxel routers, upgrade Netgear ones!

There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting …

smartphone
Crypto-stealing iOS, Android malware found on App Store, Google Play

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate …

7-zip
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver …

Casio
Casio UK site compromised, equipped with web skimmer

Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has …

malicious package
DeepSeek’s popularity exploited to push malicious packages via PyPI

Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they …

CMS8000 Patient Monitor
Patient monitors with backdoor are sending info to China, CISA warns

Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a …

arrest
Cybercrime forums Cracked and Nulled seized, operators arrested

Law enforcement from Germany, Australia, Spain, Greece, Romania, Italy, France and the USA have seized and shut down Cracked and Nulled, the two largest cybercrime forums in …

SimpleHelp
SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs

Attackers may have exploited vulnerabilities in the SimpleHelp remote monitoring and management solution to gain initial access to healthcare organizations. About the …

Zyxel
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, …

Deepseek
DeepSeek’s popularity exploited by malware peddlers, scammers

As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of …

backdoor
Europeans targeted with new Tor-using backdoor and infostealers

A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that …

Apple
Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)

Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use …

Don't miss

Cybersecurity news