Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

Progress Software has alerted its ShareFile Storage Zone customers to immediately shut down their internet-facing servers due to a credible security threat that is currently under investigation. An email sent on July 10 emphasized the urgency of the situation, indicating that immediate action is necessary to protect sensitive data. This warning affects customers using the Storage Zone feature of ShareFile, which is designed for secure file storage and sharing. The need for prompt action highlights the potential risks associated with exposed servers, especially in an era where cyber threats are increasingly sophisticated. Customers are advised to take this warning seriously to mitigate any possible security breaches.

Read Original
Actively Exploited

A new version of the RedHook malware for Android has been discovered using a technique that exploits the Wireless Debugging feature, known as Wireless ADB. This allows attackers to gain shell-level access to devices without needing a physical connection to a computer. This development raises concerns because it can enable unauthorized control over affected devices, putting personal data and privacy at risk. Users of Android devices, especially those with Wireless ADB enabled, should be particularly vigilant. Researchers emphasize the need for users to disable this feature when not in use to mitigate potential risks.

Read Original

Last week, Accenture experienced a significant data breach that has raised concerns about the security of sensitive information. While specific details about the breach have not been fully disclosed, it is known that the attack may have compromised client data, which could have serious ramifications for businesses relying on Accenture's services. Cybersecurity experts are urging companies to review their security measures and ensure that they are prepared for potential fallout from this incident. Additionally, there was a discussion on the importance of tools like DMARC and BIMI for securing email communications, highlighting the ongoing challenges in protecting digital identities and brand integrity. This breach serves as a reminder of the vulnerabilities that large organizations face and the need for robust security practices.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities catalog. These flaws could allow attackers to compromise systems that utilize these applications, potentially leading to unauthorized access or data breaches. Organizations using these products should assess their systems for the vulnerabilities and apply any available patches or updates. The inclusion of these vulnerabilities in the CISA catalog signals their seriousness and emphasizes the need for organizations to stay vigilant about securing their software. This update is part of ongoing efforts to inform the public about critical vulnerabilities that could be exploited by cybercriminals.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities associated with iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities catalog. iCagenda is an open-source event management extension for Joomla, while Balbooa Forms is a popular form builder for Joomla sites. The inclusion of these flaws in the catalog means that they are recognized as actively exploited vulnerabilities, posing a risk to users of these platforms. It's essential for site administrators using these extensions to take immediate action to secure their systems and protect sensitive data. Ignoring these vulnerabilities could lead to unauthorized access or data breaches, affecting both website operators and their users.

Read Original

Cybersecurity researchers have reported a series of cyber espionage attacks targeting multiple law enforcement agencies in Pakistan, specifically between February 2024 and April 2026. The Balochistan Police's web applications, which manage sensitive police and citizen data, were among the compromised assets. The attackers are believed to be linked to threat actors aligned with either China or India. This incident raises serious concerns about the security of law enforcement data in Pakistan and the potential implications for public safety. Such breaches not only compromise sensitive information but also can undermine trust in law enforcement institutions.

Read Original

Researchers at Binarly have identified six vulnerabilities in U-Boot, an open-source bootloader used widely in devices such as home routers, smart cameras, and server management controllers. Among these flaws, two are particularly concerning as they allow for unauthorized code execution during the boot image verification process. This affects over 50 different releases of U-Boot, potentially jeopardizing the security of millions of devices connected to the internet. The presence of these vulnerabilities could enable attackers to compromise devices before the operating system even loads, posing serious risks to users and organizations relying on these technologies. It's critical for manufacturers and users to remain vigilant and apply necessary updates as they become available.

Read Original
Actively Exploited

Recent reports indicate that multiple campaigns are exploiting ghost accounts to gather extensive information about GitHub organizations. These attackers are utilizing the GitHub API to map out repositories and members associated with various organizations. This type of reconnaissance can pose significant risks, as it may allow malicious actors to identify vulnerabilities or sensitive data within those repositories. Organizations that rely on GitHub for their code and collaboration need to be aware of this tactic, as it could lead to targeted attacks or data breaches. GitHub users should consider tightening their security settings and monitoring for unusual activity related to their accounts.

Read Original

The Australian Cyber Security Centre (ACSC) has issued a warning about a global campaign exploiting vulnerabilities in content management systems (CMS) and their associated plugins. This alert is particularly relevant for website owners and organizations that rely on these platforms, as attackers are actively seeking out weaknesses to gain unauthorized access. The ACSC did not specify which CMS platforms or plugins are most affected, but the alert serves as a reminder for users to stay vigilant and ensure their systems are up-to-date. With many websites using popular CMS platforms, the potential impact could be widespread, leading to data breaches or website defacement. Users are encouraged to regularly patch their systems and monitor for any suspicious activity.

Read Original

Researchers have demonstrated a new technique called 'Ghostcommit' that can hide prompt injection attacks within PNG image files. This method allows attackers to bypass AI code reviewers like CodeRabbit and Bugbot, which do not examine image files. Once the image is processed by a coding agent, it can lead to unauthorized access to sensitive information, such as secrets stored in a repository's .env file. This technique poses a serious risk to software developers and organizations that rely on automated code review tools, as it can result in the exposure of confidential data. The ability to extract secrets and convert them into a readable format makes it a significant concern for data security.

Read Original

Zimbra has issued a warning regarding a serious vulnerability in its Classic Web Client that could allow attackers to execute malicious code through specially crafted emails. This vulnerability falls under the category of stored cross-site scripting (XSS) and poses a significant risk as it could enable unauthorized actions within a user's session. While the flaw has not yet been assigned a CVE identifier, Zimbra is urging all customers to implement the necessary updates to mitigate this risk. The potential for arbitrary code execution raises alarms about data security and user safety, making it crucial for affected users to take prompt action. Companies that rely on Zimbra for email services should prioritize applying the updates to protect their systems from potential exploitation.

Read Original

Matt Burch, a principal security researcher at Atredis Partners, has discovered nine vulnerabilities in the CryptoPro Secure Disk software, which is used in ATM security. These vulnerabilities could potentially allow attackers to bypass security measures and gain unauthorized access to sensitive data stored on ATMs. Burch is set to present his findings at the upcoming Black Hat USA 2026 conference, emphasizing the need for financial institutions to address these weaknesses promptly. The implications are significant as they could affect the integrity of ATM transactions and the security of customer information. As vulnerabilities in ATM systems can lead to financial losses and breaches of personal data, it is crucial for vendors and banks to take immediate action to mitigate these risks.

Read Original
Actively Exploited

A recent report by QiAnXin, a Chinese cybersecurity firm, reveals that the Silver Fox group is using a new Remote Access Trojan (RAT) called MODBEACON, which is developed in Rust. Although their methods, such as SEO poisoning and fake software installers, may seem basic, the group's operation is more intricate, involving several distributors. This complexity raises concerns about the potential reach and effectiveness of their attacks. Organizations and users need to be vigilant about the software they download and the links they click to avoid falling victim to these tactics. The emergence of this Rust-based RAT signifies a shift in how attackers are developing malware, possibly making it harder to detect and mitigate.

Read Original

The NHS has launched a new awareness campaign aimed at preventing unauthorized access to patient data. This initiative comes in response to growing concerns about the security of sensitive health information. Healthcare staff are being reminded that unauthorized access to patient records can lead to severe consequences, including potential jail time. The NHS is updating its guidance for organizations to help monitor and report any breaches more effectively. This move is crucial as it seeks to protect patient privacy and maintain trust in the healthcare system.

Read Original

A staff member at a Scottish NHS Trust mistakenly emailed a spreadsheet containing sensitive patient data from the maternity system to their personal email address. This incident raises serious concerns about data handling and privacy within healthcare organizations. Affected individuals include patients whose information was included in the spreadsheet, potentially exposing them to risks such as identity theft or misuse of their personal information. The situation emphasizes the need for strict data management policies and training for staff on the importance of safeguarding patient data. As healthcare entities continue to digitize records, ensuring robust data protection measures is more crucial than ever.

Read Original
Page 1 of 258Next