A newly disclosed vulnerability in Cisco’s Unified Intelligence Center enables authenticated users with Report Designer privileges to upload arbitrary files, posing a significant risk to enterprise systems. Tracked as CVE-2025-20274 and rated 6.3 on the CVSS scale, the Cisco CUIC flaw lets hackers exploit weak server-side validation in the management portal to execute malicious files […]
Cloudflare confirmed that a recent disruption to its 1.1.1.1 DNS resolver on July 14 was not caused by a cyberattack but by a misconfiguration. The Cloudflare outage, blamed initially on a BGP hijack, lasted 62 minutes and affected millions of users globally. Engineers traced the issue to a dormant update from June 6 that mistakenly […]
Microsoft is extending support for legacy versions of Exchange Server and Skype for Business Server, as organizations continue to lag behind in migration efforts. In a move that underscores its strategy, Microsoft sells time to these customers by offering paid security updates—though some question whether these updates provide tangible value. The company has acknowledged that […]
UK retailer Co-op confirmed that hackers stole personal data from 6.5 million members during a large-scale cyberattack in April. The breach disrupted company operations, causing temporary shutdowns across its systems and triggering food shortages in grocery stores. Co-op says hack stolen data included sensitive member information, though the company has not disclosed the specific details […]
Hackers hide malware in WordPress websites using a novel ZIP-based attack that redirects users to harmful domains, cybersecurity researchers revealed. The campaign, first detected in July 2025, uses obfuscated PHP code to evade detection and persist across site updates. Attackers modify the wp-settings.php file to inject code that executes hidden payloads from a ZIP archive […]
Ukrainian hackers breached a Russian drone manufacturer in a cyberattack they described as a deep penetration into military infrastructure. The group claimed responsibility for compromising Gaskar, a company linked to Russia’s unmanned aerial vehicle development. In a statement, the hackers said they reached “the very tonsils of demilitarization,” suggesting significant infiltration of internal systems. This […]
Hackers use Teams to deploy a newly enhanced version of the Matanbuchus malware loader, cybersecurity researchers warned this week. The upgraded variant includes features designed to improve stealth, allowing it to bypass detection mechanisms more effectively. Matanbuchus, a malware-as-a-service (MaaS) tool, enables attackers to deliver follow-on payloads, including ransomware and Cobalt Strike beacons. Researchers identified […]
The U.S. Department of Homeland Security is under renewed scrutiny after collecting DNA from roughly 133,000 migrant children and teenagers, placing their genetic information into a national criminal database. DHS pressed on DNA collection practices, now faces criticism from civil rights advocates who argue that treating minors like criminal suspects could have long-term consequences. The […]
An international law enforcement operation has disrupted the activities of the NoName057(16) hacker group, a pro-Russian collective known for launching distributed denial-of-service attacks. Authorities from Europe and the United States coordinated efforts to target the group, which has repeatedly struck digital infrastructure in Ukraine and allied nations. Officials say the action aimed to weaken the […]
Italian authorities have dismantled a Romanian cybercrime group accused of launching ransomware attacks on nonprofit organizations and film production companies, according to a statement from Italy’s Postal and Cybersecurity Police. The operation, described as an Italian Police bust of Romanian ransomware actors, targeted a group known as “Diskstation,” which allegedly encrypted victims’ systems and demanded […]
Multiple Fortinet FortiWeb systems have come under attack in recent days, with cybersecurity analysts linking the breaches to a known remote code execution vulnerability. Fortinet FortiWeb hit by hacks appears to be the result of public exploits targeting CVE-2025-25257, a flaw that Fortinet recently patched. The attackers reportedly deployed web shells on compromised systems, enabling […]
Authorities have dismantled a ransomware operation that targeted Network Attached Storage (NAS) devices, arresting the suspected leader in a coordinated effort named “Operation Elicius.” The international investigation, which spanned multiple jurisdictions, led to the takedown of the DiskStation ransomware gang. Police bust NAS ransomware networks like this to protect businesses and individuals from escalating cyber […]