A newly discovered vulnerability in discontinued D-Link devices poses a serious risk, allowing attackers to execute arbitrary shell commands without authentication. This critical-severity flaw affects users of these outdated devices, which may still be in use despite not being supported or receiving updates from the manufacturer. The fact that the vulnerability is being actively exploited means that users should take immediate action to safeguard their networks. If left unaddressed, this could allow attackers to gain control over affected devices, potentially leading to larger network breaches. Users of D-Link products are advised to assess their device usage and consider replacing unsupported hardware to mitigate these risks.
Articles tagged "Exploit"
Found 582 articles
Hackers are exploiting a serious vulnerability in older D-Link DSL routers, identified as CVE-2026-0625. This flaw allows attackers to execute commands remotely, potentially compromising users' devices and networks. The vulnerability has a high severity score of 9.3, which indicates that it poses a significant risk. Users of legacy D-Link DSL routers need to be aware of this issue as it could lead to unauthorized access and control over their internet-connected devices. As attackers actively exploit this flaw, it is crucial for affected users to take immediate action to protect their systems.
A hacker group known as Zestix has successfully breached around 50 companies by exploiting a lack of multi-factor authentication (MFA). These breaches involved the use of infostealers, which are malicious programs designed to gather sensitive information from users. The absence of MFA made it easier for attackers to gain access to sensitive data without needing additional verification steps. This incident serves as a stark reminder for businesses to implement stronger security measures, as it shows how quickly attackers can exploit basic vulnerabilities. Organizations that haven't adopted MFA may find themselves at greater risk of data theft and financial loss.
A serious vulnerability in Dolby's software for Android devices has been identified, tracked as CVE-2025-54957. Discovered by Google researchers in October 2025, this flaw could potentially allow attackers to exploit the Dolby audio processing capabilities on affected devices. Users of Android devices utilizing Dolby technology should be particularly cautious, as the vulnerability poses risks to their audio functionality and overall device security. Immediate action is recommended to ensure that devices are updated to the latest software versions that include the necessary patches to fix this issue. This discovery emphasizes the need for regular updates and vigilance among users and security teams alike.
Email continues to be the main entry point for cyber attackers, with significant increases in various types of email threats. Malware delivered through email surged by over 130% year-over-year, while phishing scams rose by more than 20% and other scams increased by 30%. These alarming trends expose vulnerabilities across different industries, indicating that many security teams are still missing critical gaps in their defenses. As attackers increasingly exploit email for impersonation and account takeover, companies must reassess their email security strategies to better protect sensitive information and prevent breaches. The growing reliance on email as a communication tool makes it essential for organizations to prioritize security measures in this area.
French authorities are currently investigating a concerning trend involving AI-generated deepfakes that are being used to create explicit images of individuals without their consent. This situation has raised significant alarm, as it poses serious privacy and security issues for those affected. The technology behind these deepfakes can manipulate images to make it appear as though someone is in a compromising situation, which not only harms reputations but can also lead to harassment. Authorities are looking into the implications of this misuse of AI and how it can be regulated to protect individuals. As the use of such technology increases, it becomes crucial to establish clear guidelines and laws to prevent exploitation and misuse.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Resecurity has responded to claims from the hacking group ShinyHunters, asserting that the attackers did not breach any real systems or access customer data. Instead, Resecurity says the hackers interacted with a honeypot designed to capture malicious activity, which contained only fake information. This incident underscores the ongoing challenges in cybersecurity, as groups like ShinyHunters may attempt to exploit vulnerabilities or claim breaches that aren't genuine. For companies, this serves as a reminder to monitor their security measures and ensure they are prepared for potential threats, even if they turn out to be misdirected. The situation illustrates the importance of having robust security practices in place to counteract both real and perceived threats.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Hackers using the RondoDox botnet are exploiting a vulnerability in Next.js known as React2Shell to take control of over 90,000 unpatched devices. This includes a range of products such as routers, smart cameras, and small business websites. The attack is particularly concerning because it targets devices that often lack regular updates or security patches, making them easy targets for cybercriminals. Users of these devices should be vigilant and consider updating their systems to protect against this growing threat. The scale of the devices affected raises alarms about the potential for widespread disruption if left unaddressed.
Over 10,000 Fortinet firewalls are currently at risk due to a two-factor authentication (2FA) bypass vulnerability that has been known for five years. This vulnerability allows attackers to exploit systems that have not implemented proper security measures, potentially granting them unauthorized access to sensitive data and networks. The issue is particularly pressing because it affects devices that are publicly accessible on the internet, increasing the likelihood of exploitation. Organizations using these firewalls need to act quickly to secure their systems and protect against potential breaches. It's crucial for users to verify their configurations and apply any available updates to mitigate this serious risk.
The European Space Agency (ESA) has confirmed a data breach after a hacker, known as '888', attempted to sell stolen data online. The breach involved external science servers, raising concerns about the security of sensitive information related to ESA's projects. This incident highlights the risks that organizations face from cybercriminals looking to exploit vulnerabilities for financial gain. The ESA's acknowledgment of the breach indicates that they are taking steps to address the situation, but the full scope of the data compromised remains unclear. As this breach could potentially affect ongoing scientific research and collaborations, it underscores the need for robust cybersecurity measures in institutions handling critical data.
BleepingComputer
The European Space Agency (ESA) has reported a breach involving external servers that contained unclassified information related to collaborative engineering efforts. While the data accessed was not classified, the incident raises concerns about the security of sensitive information even when labeled as unclassified. The breach emphasizes the importance of securing all types of data, as attackers can exploit vulnerabilities in external systems. ESA has not specified the exact nature of the attack or the extent of the data accessed, but it is a reminder for organizations to review their cybersecurity measures, especially regarding external servers. This incident could potentially affect partnerships and collaborative projects within the space sector, highlighting the need for robust security protocols.
Fortinet has issued a warning about ongoing attacks that exploit an old vulnerability in its FortiOS software, identified as CVE-2020-12812. This flaw allows attackers to bypass two-factor authentication, which can significantly compromise the security of affected systems. Organizations using FortiOS should be particularly vigilant, as this vulnerability has resurfaced in active attacks. The potential for unauthorized access puts sensitive data at risk, making it critical for users to address this issue promptly. Cybersecurity teams are urged to review their systems and implement necessary updates to safeguard against these threats.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Researchers have identified a critical unpatched vulnerability, designated CVE-2025-54322, in XSpeeder networking devices, which are widely used in industrial and branch environments. Approximately 70,000 devices are affected, leaving them open to potential exploitation. The flaw was discovered by AI agents, but the vendor has not addressed the alert, raising concerns about the security of these devices. This situation poses a significant risk, as attackers could exploit the vulnerability to gain unauthorized access or disrupt operations. Companies using XSpeeder devices should take immediate action to assess their security posture and implement necessary safeguards to protect their networks.
A serious vulnerability has been found in LangChain Core, a key Python package used for developing applications that utilize large language models (LLMs). This flaw, identified as CVE-2025-68664 and assigned a CVSS score of 9.3, could enable attackers to perform prompt injection attacks, which may lead to the theft of sensitive data and manipulation of LLM responses. Organizations using LangChain Core for their applications are at risk, as this vulnerability allows malicious actors to exploit the package to access confidential information. It's critical for developers and companies utilizing this software to take immediate action to secure their systems and protect user data from potential breaches.
Users of the Trust Wallet Chrome extension have reported significant cryptocurrency losses after a malicious update was released on December 24. This compromised update allowed attackers to drain wallets, leading to millions in losses for affected individuals. In conjunction with this incident, researchers discovered a phishing domain set up by the hackers, further indicating a coordinated effort to exploit Trust Wallet users. The company has responded urgently, advising users to take precautions and remain vigilant to avoid further losses. This incident serves as a stark reminder of the risks associated with browser extensions and the importance of ensuring that software updates are legitimate and secure.