VulnHub

Real-time Cybersecurity News

Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

The Hacker News

Actively Exploited

This week, significant cybersecurity threats emerged as hackers exploited new 0-day vulnerabilities in Fortinet and Chrome, infiltrating supply chains and SaaS tools. The rapid response from major companies like Microsoft, Salesforce, and Google highlights the severity of these attacks and the ongoing challenges in securing trusted applications and software updates.

Impact: Fortinet, Chrome, Microsoft, Salesforce, Google
Remediation: Stopping DDoS attacks, blocking bad links, fixing live flaws
MicrosoftGoogleFortinetExploitMalwareDDoS
Read Original
To buy or not to buy: How cybercriminals capitalize on Black Friday

Securelist

Cybercriminals intensify their activities during Black Friday, utilizing tactics such as phishing, scams, and malware to exploit online shoppers and gamers. The severity of these threats underscores the importance of vigilance among consumers, as fake sales and malicious activities proliferate during this shopping season.

Impact: Online shoppers, gamers, and potentially any consumer engaging in Black Friday sales.
Remediation: Consumers should remain vigilant against phishing attempts, verify the authenticity of sales, and use security software to protect against malware.
PhishingExploitMalware
Read Original
Spanish Airline Iberia Notifies Customers of Data Breach

SecurityWeek

Iberia, the Spanish airline, has informed its customers about a data breach that occurred after a threat actor claimed to have stolen 77GB of data from its systems. This incident raises concerns about the security of customer information and the potential impact on the airline's reputation.

Impact: N/A
Remediation: N/A
Data Breach
Read Original
​​Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications​

All CISA Advisories

Actively Exploited

CISA has identified that various cyber threat actors are using commercial spyware to target users of mobile messaging applications, employing tactics such as phishing, zero-click exploits, and impersonation. The focus is primarily on high-value individuals including government and military officials, indicating a serious threat to sensitive communications.

Impact: Mobile messaging applications including Signal and WhatsApp.
Remediation: Users are encouraged to review the updated Mobile Communications Best Practice Guidance and Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society for steps to protect mobile communications and messaging apps.
macOSiOSAndroidPhishingGoogleExploit+2 more
Read Original
146,000 Impacted by Delta Dental of Virginia Data Breach

SecurityWeek

Delta Dental of Virginia experienced a significant data breach affecting 146,000 individuals. The breach involved the theft of sensitive information including names, Social Security numbers, ID numbers, and health information from a compromised email account, raising serious concerns about data security and privacy.

Impact: Delta Dental of Virginia email account
Remediation: N/A
Data Breach
Read Original
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

The Hacker News

Research from CrowdStrike indicates that the DeepSeek-R1 AI model generates insecure code when prompted with politically sensitive topics such as Tibet or Uyghurs. This raises significant concerns about the security implications of using AI in sensitive contexts, potentially leading to increased vulnerabilities in software development.

Impact: DeepSeek-R1 AI model
Remediation: N/A
Read Original
Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

SecurityWeek

Actively Exploited

Cox has confirmed a significant data breach involving Oracle EBS, with over 1.6 terabytes of data reportedly stolen and made public by cybercriminals. This incident highlights the severity of cybersecurity threats faced by organizations and the potential exposure of sensitive information for numerous alleged victims.

Impact: Oracle EBS
Remediation: N/A
Data Breach
Read Original
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

The Hacker News

Actively Exploited

The ShadowPad malware is exploiting a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), identified as CVE-2025-59287, allowing attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.

Impact: Microsoft Windows Server Update Services (WSUS) on Windows Servers.
Remediation: Organizations should apply the latest security patches provided by Microsoft for CVE-2025-59287 to mitigate the vulnerability. Additionally, it is recommended to review and secure WSUS configurations and monitor for any unauthorized access attempts.
WindowsCVEMicrosoftVulnerabilityUpdateMalware+1 more
Read Original
[Dark Reading Virtual Event] Cybersecurity Outlook 2026

darkreading

The Cybersecurity Outlook 2026 event highlights the evolving landscape of cybersecurity threats and the increasing severity of attacks. As organizations prepare for the future, it is crucial to understand the implications of these threats on security strategies and technologies.

Impact: N/A
Remediation: N/A
Read Original
Explore Our Online Events

darkreading

The article discusses the importance of online events in the context of cybersecurity awareness and education. It emphasizes the need for organizations to stay informed about current threats and to engage in continuous learning to mitigate risks. The core issue revolves around the evolving nature of cyber threats and the necessity for proactive measures.

Impact: N/A
Remediation: N/A
Read Original
Deja Vu: Salesforce Customers Hacked Again, Via Gainsight

darkreading

Actively Exploited

Salesforce customers have been targeted again by threat actors from the ShinyHunters group, who exploited a third-party application to access sensitive Salesforce data. This repeated attack highlights the ongoing vulnerabilities associated with third-party integrations and the need for enhanced security measures.

Impact: Salesforce, Gainsight
Remediation: Organizations should review and enhance their security protocols for third-party applications, conduct regular security assessments, and ensure that data access is tightly controlled.
Data Breach
Read Original
PreviousPage 9 of 14Next