Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with […]
news
news
HPE warns of hardcoded passwords in Aruba access points
Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal
news
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The
news
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed
news
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier
news
How the rise of green tech is feeding another environmental crisis
The world’s race to decarbonise has led to the rise of electric cars – and with it, soaring demand for
news
How the rise of green tech is feeding another environmental crisis
The world’s race to decarbonise has led to the rise of electric cars – and with it, soaring demand for
news
Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users
news
Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack
news
ChatGPT”s GPT-5-reasoning-alpha model spotted ahead of launch
GPT-5 might be just a few days or weeks away, as we’ve spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13.
news
OpenAI, Anthropic, Google may disrupt education market with new AI tools
AI companies could soon disrupt the education market with their new AI-based learning tools for students. […] Source:: BleepingComputer
news
New CrushFTP zero-day exploited in attacks to hijack servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain
news
CrushFTP zero-day exploited in attacks to gain admin access on servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain
news
Automating Network Design in NVIDIA Air with Ansible and Git
At its core, NVIDIA Air is built for automation. Every part of your network can be coded, versioned, and set
news
Arch Linux pulls AUR packages that installed Chaos RAT malware
Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) were used to install the CHAOS
news
Amazon SQS expands IPv6 support to VPC endpoints in AWS commercial Regions
Amazon Simple Queue Service (Amazon SQS) now allows customers to make API requests over Internet Protocol version 6 (IPv6) through
news
Amazon EC2 High Memory U7i instances now support higher Amazon EBS-optimized instance performance
Today, we are announcing enhanced Amazon Elastic Block Store (EBS) performance for Amazon EC2 High Memory U7i instances. This improvement
news
AWS Private CA now supports issuing up to 100 million certificates per CA
AWS Private Certificate Authority (AWS Private CA) now enables you to issue up to 100 million certificates per certificate authority