TBK DVRs Botnet Attack

Threat Actors are actively exploiting CVE-2024-3721, a command injection vulnerability in TBK DVR devices (Digital Video Recorders). This flaw allows unauthenticated remote code execution...

SimpleHelp Support Software Attack

FortiGuard Labs continues to observe ongoing attack attempts targeting SimpleHelp, a Remote Monitoring and Management (RMM) software, due to a critical unauthenticated path traversal...

UK ‘woefully’ unprepared for Chinese and Russian undersea cable sabotage, says report

CSRI finds China and Russia may be coordinating ‘grey zone’ tactics against vulnerable western infrastructureChina and Russia are stepping up sabotage operations targeting undersea...

F5 Labs Top CWEs & OWASP Top Ten Analysis

We expand our view to include CWE and OWASP, and we also examine the latest overall trends for June 2025. - Read more

European journalists targeted with Paragon Solutions spyware, say researchers

Citizen Lab says it found ‘digital fingerprints’ of military-grade spyware that Italy has admitted using against activistsThe hacking mystery roiling the Italian prime minister...

Reflections on a Year of Sunlight

The Certificate Transparency ecosystem has been improving transparency for the web PKI since 2013. It helps make clear exactly what certificates each certificate authority...

ANU investigates possible hack after vice-chancellor’s account liked ‘highly offensive’ LinkedIn posts

University spokesperson says Genevieve Bell’s account had ‘liked’ posts she had never seen before about Julie Bishop and GazaGet our breaking news email, free...

How We Reduced the Impact of Zombie Clients

Every night, right around midnight (mainly UTC), a horde of zombies wakes up and clamors for … digital certificates! The zombies in question are abandoned...

Delving Into the SparkRAT Remote Access Tool

Sensor Intel Series: May 2025 CVE Trends - Read more

Earth Lamia APT Attack

FortiGuard’s global sensor network report consistently high levels of attack attempts targeting vulnerabilities associated with Earth Lamia APT campaigns. According to Trend Research, the...

Latest article

Chromium: CVE-2026-2319 Race in DevTools

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...

Substack Breach May Have Leaked Nearly 700,000 User Details Online

Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online. The post...

Cryptojacking Campaign Exploits Driver to Boost Monero Mining

Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics - Read more

The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP

I don’t know about you, but when I think about “critical vulnerabilities,” I usually picture ransomware, data theft, or maybe a server falling over...