Shadowserver Foundation

Entity category: organization

Business

Ivanti EPMM “sleeper” webshells pose hidden threat

February 12, 2026
Ivanti logo with digital red code background, creating a tech-focused visual.

A critical vulnerability (CVE-2026-1281) in Ivanti's EPMM platform is being actively exploited, with attackers implanting hidden, dormant backdoors that are…

Read More »
Business

RondoDox Botnet Breaches Next.js Servers via React2Shell Flaw

January 2, 2026
Close-up of a black robot with a glowing red eye, surrounded by similar robots.

The RondoDox botnet is actively exploiting the critical React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, deploying malware and cryptocurrency miners.…

Read More »
BigTech Companies

Cisco Customers Vulnerable to New Chinese Hacking Campaign

December 20, 2025
Illuminated Cisco logo with soundwave graphic at a trade show booth.

A Chinese state-sponsored hacking campaign is exploiting a critical zero-day vulnerability (CVE-2025-20393) in Cisco's Secure Email Gateway and Web Manager…

Read More »
Business

Over 266,000 F5 BIG-IP Systems Vulnerable to Remote Hacks

October 19, 2025
F5 Networks logo on a dark background with binary code and red circuit board lines.

Over 266,000 F5 BIG-IP systems are exposed online and vulnerable to remote attacks following a security breach by nation-state hackers…

Read More »
BigTech Companies

Microsoft GoAnywhere Flaw Fuels Ransomware Attacks

October 14, 2025
Close-up portrait of Medusa with vibrant green snakes for hair, intense green eyes, and a stylized, textured face.

A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform is being exploited by ransomware attackers, allowing remote access without user…

Read More »
BigTech Companies

Microsoft GoAnywhere Bug Fuels Medusa Ransomware Attacks

October 8, 2025
Intricate Medusa mask with snake hair and ornate metal detailing

A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform allows unauthenticated attackers to execute remote code, prompting urgent patching and removal…

Read More »
Business

Fortra Issues Critical Alert for GoAnywhere MFT Vulnerability

September 20, 2025
Fortra logo displayed on a dark background with red and blue accents.

Fortra has issued an urgent alert for a critical vulnerability (CVE-2025-10035) in GoAnywhere MFT software, allowing remote command injection due…

Read More »
Artificial Intelligence

Hackers Unleash HexStrike-AI to Exploit n-Day Flaws Faster

September 5, 2025
Digital head composed of glowing red and blue particles against a dark background with binary code.

AI-powered tools like HexStrike-AI are being repurposed by cybercriminals to automate attacks, drastically reducing the time between vulnerability disclosure and…

Read More »
Business

Over 800 N-able Servers Exposed to Critical Unpatched Flaws

August 19, 2025
N-able logo on a red and black background with vertical lines.

Over 800 N-able N-central servers remain vulnerable to two actively exploited critical flaws, CVE-2025-8875 and CVE-2025-8876, allowing attackers to execute…

Read More »
Cybersecurity

Pennsylvania AG’s email and website hit by cyberattack

August 15, 2025
Pennsylvania Attorney General Dave Sunday speaks at a conference, gesturing with his hands.

Pennsylvania’s Attorney General office experienced a major cyberattack, disrupting email, phone lines, and its website, forcing staff to operate with…

Read More »
Cybersecurity

3,000+ Unpatched NetScaler Devices Vulnerable to CitrixBleed 2

August 13, 2025
Citrix logo with a glitch effect on a dark red background.

Over 3,300 Citrix NetScaler systems remain unpatched against CVE-2025-5777 (CitrixBleed 2), exposing organizations to session hijacking and data theft despite…

Read More »
Cybersecurity

New Cyber Fund Boosts Security for Non-Profits

June 26, 2025
Abstract digital artwork featuring glowing nodes and lines interconnected across a dark background, resembling a futuristic network.

The Common Good Cyber Fund is a new initiative to bolster cybersecurity for non-profits serving public interest, focusing on critical…

Read More »
Cybersecurity

New Cyber Fund Backs Nonprofits Safeguarding the Internet

June 25, 2025
Common Good Cyber logo displayed over a binary code background with glowing red and white accents.

The Common Good Cyber Fund is a collaborative initiative aiming to strengthen global cybersecurity for vulnerable communities, with a goal…

Read More »
Business

Fortinet Flaws Exploited in Active Qilin Ransomware Attacks

June 8, 2025
Silhouette of a person in a hoodie, back to the camera, against a red and black background with digital code.

Qilin ransomware attacks are exploiting critical Fortinet vulnerabilities (CVE-2024-21762 and CVE-2024-55591), targeting unpatched devices and posing risks to organizations globally.…

Read More »