Topic: targeted attacks
-
Apple Patches Critical Zero-Day Flaw Actively Exploited in Attacks
Apple has patched a critical zero-day vulnerability (CVE-2026-20700) in its dyld component, which was exploited in a sophisticated, targeted attack against older iOS versions. The updates also fix two related WebKit vulnerabilities, all discovered and reported by Google's Threat Analysis Group, t...
Read More » -
Urgent: Notepad++ Users, Check for Hacks Now
Notepad++'s update infrastructure was compromised for six months by sophisticated hackers linked to the Chinese state, who delivered malicious updates to targeted users. The attackers exploited insufficient update verification in older software versions, maintaining persistent access to redirect ...
Read More » -
70,000 Fake Bank Scam Emails Target Australians
A sophisticated callback scam impersonating major Australian banks has targeted tens of thousands of businesses, with over 70,000 detected attempts in one month, particularly affecting sectors like education, legal, and insurance. Scammers send hyper-realistic emails with fabricated transaction d...
Read More » -
Palo Alto Networks Login Portals Under Massive Attack Surge
A dramatic 500% surge in suspicious network scans is targeting Palo Alto Networks login portals, with over 1,285 unique IPs involved, indicating a coordinated reconnaissance campaign. The majority of scanning IPs originated from the U.S., with clusters focusing on targets in the U.S. and Pakistan...
Read More » -
Atlassian Jira Scammers Target Trusted Organizations
A sophisticated phishing campaign exploited Atlassian's Jira platform to send fraudulent emails that bypassed security filters by appearing as legitimate notifications from trusted domains. The attackers used localized content and targeted specific professional groups, leveraging trial accounts t...
Read More » -
SonicWall Cloud Backup Users Hit by Major Data Breach
A data breach at SonicWall exposed all customers' firewall configuration files stored on the MySonicWall cloud service, initially thought to affect fewer users but later confirmed as widespread. The stolen files contain encrypted credentials and configuration data, increasing the risk of targeted...
Read More » -
Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)
Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for remote code execution and denial of service. Citrix has released security updates for affected versions and strongly advises immediate patching,...
Read More » -
Urgent Samsung Patch Stops Spyware Exploit
Samsung has released a critical security update for a vulnerability (CVE-2025-21042) in its image processing library, which was actively exploited to install the LANDFALL spyware on mobile devices. The spyware uses a zero-click infection method via manipulated image files, allowing it to infect d...
Read More » -
SonicWall Cloud Backup Users: Firewall Configs at Risk
SonicWall confirmed a security breach where attackers accessed encrypted firewall configuration backup files for all customers using its cloud backup service, potentially increasing future cyber-attack risks. The intrusion, detected in early September 2025, involved brute-force methods to collect...
Read More » -
Cisco Customers Vulnerable to New Chinese Hacking Campaign
A Chinese state-sponsored hacking campaign is exploiting a critical zero-day vulnerability (CVE-2025-20393) in Cisco's Secure Email Gateway and Web Manager software, primarily targeting systems in India, Thailand, and the United States. The attack surface is limited to hundreds of systems, as exp...
Read More » -
Urgent Apple Update Fixes Critical Security Exploits
Apple has released urgent security patches for two actively exploited zero-day vulnerabilities (CVE-2025-14174 and CVE-2025-43529) in its WebKit browser engine, which is used across iPhones, iPads, and Macs. The flaws, discovered through a collaboration between Apple and Google, could allow memor...
Read More »