Follow on Google News
Suspected DPRK-linked intrusions hit crypto firms, steal cloud secrets, and raid container registries (report)
A suspected North Korea linked threat actor has compromised multiple cryptocurrency organizations and moved across the crypto supply chain, from staking platforms to exchange infrastructure,…
ClickFix malware campaign uses fake VCs on LinkedIn to target crypto and Web3 pros
A ClickFix malware campaign targets cryptocurrency and Web3 professionals by pretending to be venture capital investors on LinkedIn. Attackers start friendly, research-backed conversations, then push…
RedAlert mobile espionage campaign targets civilians with a trojanized rocket alert app
Attackers have spread a fake Android emergency alert app through SMS messages that impersonate Israel’s Home Front Command, according to CloudSEK. The malicious APK presents…
New MongoDB vulnerability lets attackers crash exposed servers with tiny requests
A newly documented MongoDB denial-of-service flaw, CVE-2026-25611, can let an unauthenticated attacker exhaust server memory and crash a MongoDB instance by sending specially crafted messages…
Threat actors intensify targeting of IP cameras across the Middle East amid ongoing conflict
Check Point Research says it observed a sharp rise in attempts to exploit internet-connected Hikvision and Dahua IP cameras across Israel, Qatar, Bahrain, Kuwait, the…
Cisco Secure Firewall Management Center flaw lets remote attackers bypass login and reach root
Cisco warned that a critical bug in Cisco Secure Firewall Management Center (FMC) can let a remote attacker bypass authentication through the web interface and…
Hackers mimic LastPass support email to steal vault passwords
LastPass warned customers about a new phishing campaign that began around March 1, 2026. Attackers send fake “forwarded email threads” that look like internal support…
Cisco Catalyst SD-WAN vulnerabilities let attackers gain high privileges and, in some cases, root
Cisco warned that multiple flaws in Cisco Catalyst SD-WAN Manager (formerly vManage) can let attackers bypass authentication, read sensitive data, overwrite files, and escalate privileges…
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
Security researchers have disclosed a critical FreeScout flaw that can let an attacker run commands on a FreeScout server by sending a single crafted email…
Google releases emergency Chrome update to fix 10 security vulnerabilities
Google has shipped a Chrome security update that moves the Stable channel to 145.0.7632.159/160 on Windows and macOS, and 145.0.7632.159 on Linux. Google published the…
November 21, 2025
1 comment 
