WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly…
Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software
The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional…
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper…
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its…
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild
Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the…
⚡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent…
5 Reasons Why Attackers Are Phishing Over LinkedIn
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking…
Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT
The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER…
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in…
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw…