Cybersecurity
-
Maximum severity GoAnywhere MFT flaw exploited as zero day
Source: BleepingComputerRead more: Maximum severity GoAnywhere MFT flaw exploited as zero dayA serious vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT has been identified, allowing hackers to execute commands remotely without authentication. This…
-
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
Source: The Hacker NewsRead more: New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused CyberattacksThe Russian APT group COLDRIVER has launched a new malware campaign featuring two lightweight malware families identified as BAITSWITCH and…
-
Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza
Source: SecurityWeekRead more: Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in GazaMicrosoft has restricted access to its AI and cloud services for a unit within the Israeli military. This decision comes…
-
North Korea’s Fake Recruiters Feed Stolen Data to IT Workers
Source: SecurityWeekRead more: North Korea’s Fake Recruiters Feed Stolen Data to IT WorkersNorth Korean cybercriminals are impersonating recruiters to harvest identities from developers. This stolen data is being channeled to fraudulent IT…
-
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
Source: The Hacker NewsRead more: Crash Tests for Security: Why BAS Is Proof of Defense, Not AssumptionsJust like car manufacturers conduct crash tests to validate their designs, organizations must apply similar rigorous testing to their cybersecurity…
-
No Patches for Vulnerabilities Allowing Cognex Industrial Camera Hacking
Source: SecurityWeekRead more: No Patches for Vulnerabilities Allowing Cognex Industrial Camera HackingCognex has announced that there will be no patches for vulnerabilities identified in its industrial camera systems. Customers are urged…
-
New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions
Source: SecurityWeekRead more: New XCSSET macOS Malware Variant Hijacks Cryptocurrency TransactionsA new variant of the XCSSET malware has emerged, targeting cryptocurrency transactions on macOS. This updated malware employs a four-stage…
-
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure
Source: The Hacker NewsRead more: Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public DisclosureA recently disclosed CVSS 10.0 vulnerability in Fortra GoAnywhere Managed File Transfer software is reportedly being actively exploited. Cybersecurity firm…
-
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
Source: The Hacker NewsRead more: New macOS XCSSET Variant Targets Firefox with Clipper and Persistence ModuleResearchers have identified a new variant of XCSSET malware affecting macOS, with enhanced targeting features. This variant includes updates to…
-
Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day
Source: SecurityWeekRead more: Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-DayA threat actor has leveraged CVE-2025-10035 as a zero-day exploit to create a backdoor admin account. This incident raises concerns…