In The News

Researcher Says Patched Commvault Bug Still Exploitable darkreadingJai Vijayan, Contributing Writer
May 6, 2025

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild. CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the …

Read More
No Comment

In The News


‘Easily Exploitable’ Langflow Vulnerability Requires Immediate Patching darkreadingKristina Beek, Associate Editor, Dark Reading
May 6, 2025

The vulnerability, which has a CVSS score of 9.8, is under attack and allows threat actors to remotely execute arbitrary commands on servers running the agentic AI builder. The vulnerability, which …

Read More
No Comment

Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet The Hacker [email protected] (The Hacker News)
May 6, 2025

Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) …

Read More
No Comment

CISA Warns 2 SonicWall Vulnerabilities Under Active Exploitation darkreadingKristina Beek, Associate Editor, Dark Reading
May 6, 2025

The vulnerabilities affect SonicWall's SMA devices for secure remote access, which have been heavily targeted by threat actors in the past. The vulnerabilities affect SonicWall's SMA devices for secure remote access, …

Read More
No Comment

Addressing the Top Cyber-Risks in Higher Education darkreadingMichael Sink
May 6, 2025

As attacks accelerate, security leaders must act to gain visibility across their entire institution's network and systems and continuously educate their users on best practices. As attacks accelerate, security leaders must …

Read More
No Comment

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims The Hacker [email protected] (The Hacker News)
May 6, 2025

Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems (TDSes). The activity clusters have …

Read More
No Comment

CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
May 6, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-27363 FreeType Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for …

Read More
No Comment

Unsophisticated Cyber Actor(s) Targeting Operational Technology AlertsCISA
May 6, 2025

CISA is increasingly aware of unsophisticated cyber actor(s) targeting ICS/SCADA systems within U.S. critical Infrastructure sectors (Oil and Natural Gas), specifically in Energy and Transportation Systems. Although these activities often …

Read More
No Comment

CISA Releases Three Industrial Control Systems Advisories AlertsCISA
May 6, 2025

CISA released three Industrial Control Systems (ICS) advisories on May 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-126-01 Optigo Networks ONS NC600 ICSA-25-126-02 …

Read More
No Comment

Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches The Hacker [email protected] (The Hacker News)
May 6, 2025

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, …

Read More
No Comment