VulnHub

Hackers are taking advantage of a serious zero-day vulnerability in D-Link DSL routers that are no longer supported. This flaw allows attackers to execute arbitrary commands on the devices, posing significant risks to users still relying on these outdated models. As these routers are not receiving security updates, individuals and businesses using them are particularly vulnerable to unauthorized access and potential data breaches. Users are urged to consider replacing their D-Link routers with more secure, supported options to mitigate these risks. The exploitation of such vulnerabilities underscores the importance of using updated technology in a cybersecurity landscape that is constantly evolving.

Attackers are taking advantage of misconfigured email routing to send phishing emails that appear to come from within an organization. This tactic involves using Platforms as a Service (PhaaS), such as Tycoon2FA, to create these deceptive messages aimed at stealing user credentials. The vulnerability lies in the complex routing scenarios and inadequate spoof protections that companies have in place, making it easier for these phishing attempts to bypass security measures. Organizations need to be vigilant about their email configurations and ensure that their spoof protections are properly set up to prevent these types of attacks. Without proper safeguards, employees may unknowingly provide sensitive information to attackers posing as internal communications.

A newly discovered vulnerability in discontinued D-Link devices poses a serious risk, allowing attackers to execute arbitrary shell commands without authentication. This critical-severity flaw affects users of these outdated devices, which may still be in use despite not being supported or receiving updates from the manufacturer. The fact that the vulnerability is being actively exploited means that users should take immediate action to safeguard their networks. If left unaddressed, this could allow attackers to gain control over affected devices, potentially leading to larger network breaches. Users of D-Link products are advised to assess their device usage and consider replacing unsupported hardware to mitigate these risks.

Hackers are exploiting a serious vulnerability in older D-Link DSL routers, identified as CVE-2026-0625. This flaw allows attackers to execute commands remotely, potentially compromising users' devices and networks. The vulnerability has a high severity score of 9.3, which indicates that it poses a significant risk. Users of legacy D-Link DSL routers need to be aware of this issue as it could lead to unauthorized access and control over their internet-connected devices. As attackers actively exploit this flaw, it is crucial for affected users to take immediate action to protect their systems.

A hacker group known as Zestix has successfully breached around 50 companies by exploiting a lack of multi-factor authentication (MFA). These breaches involved the use of infostealers, which are malicious programs designed to gather sensitive information from users. The absence of MFA made it easier for attackers to gain access to sensitive data without needing additional verification steps. This incident serves as a stark reminder for businesses to implement stronger security measures, as it shows how quickly attackers can exploit basic vulnerabilities. Organizations that haven't adopted MFA may find themselves at greater risk of data theft and financial loss.

Email continues to be the main entry point for cyber attackers, with significant increases in various types of email threats. Malware delivered through email surged by over 130% year-over-year, while phishing scams rose by more than 20% and other scams increased by 30%. These alarming trends expose vulnerabilities across different industries, indicating that many security teams are still missing critical gaps in their defenses. As attackers increasingly exploit email for impersonation and account takeover, companies must reassess their email security strategies to better protect sensitive information and prevent breaches. The growing reliance on email as a communication tool makes it essential for organizations to prioritize security measures in this area.

Hackers using the RondoDox botnet are exploiting a vulnerability in Next.js known as React2Shell to take control of over 90,000 unpatched devices. This includes a range of products such as routers, smart cameras, and small business websites. The attack is particularly concerning because it targets devices that often lack regular updates or security patches, making them easy targets for cybercriminals. Users of these devices should be vigilant and consider updating their systems to protect against this growing threat. The scale of the devices affected raises alarms about the potential for widespread disruption if left unaddressed.

Over 10,000 Fortinet firewalls are currently at risk due to a two-factor authentication (2FA) bypass vulnerability that has been known for five years. This vulnerability allows attackers to exploit systems that have not implemented proper security measures, potentially granting them unauthorized access to sensitive data and networks. The issue is particularly pressing because it affects devices that are publicly accessible on the internet, increasing the likelihood of exploitation. Organizations using these firewalls need to act quickly to secure their systems and protect against potential breaches. It's crucial for users to verify their configurations and apply any available updates to mitigate this serious risk.

The European Space Agency (ESA) has confirmed a data breach after a hacker, known as '888', attempted to sell stolen data online. The breach involved external science servers, raising concerns about the security of sensitive information related to ESA's projects. This incident highlights the risks that organizations face from cybercriminals looking to exploit vulnerabilities for financial gain. The ESA's acknowledgment of the breach indicates that they are taking steps to address the situation, but the full scope of the data compromised remains unclear. As this breach could potentially affect ongoing scientific research and collaborations, it underscores the need for robust cybersecurity measures in institutions handling critical data.