Friday , July 10 2026

Alert

Android Banking Malware “deVixor” Targets Users with Ransomware capabilities

deVixor

A new Android banking trojan called deVixor poses a serious risk to mobile users, featuring financial data theft, device surveillance, and ransomware in one malicious tool. The malware, active since October 2025, is a significant threat to Android users, luring victims with fake car websites and using Telegram for control. …

Read More »

CISA orders feds to fix Gogs RCE vuln exploited in zero-day attacks

Gogs

CISA has instructed government agencies to protect their systems from Gogs vulnerability exploited in zero-day attacks. Designated as CVE-2025-8110, this remote code execution (RCE) vulnerability originates from a path traversal issue within the PutContents API. It empowers authenticated attackers to circumvent the safety measures established for a previously resolved RCE …

Read More »

CIRT Alert
35 unique IP vulnarable via n8n (CVE:2026-21858) instances in Bangladesh

35

A total of 35 unique IP addresses have been identified exploitable via n8n instances (CVE: 2026-21858). BGD e-GOV CIRT advisory said, these IP address seems to be demonstrating active exploitation activity, indicating real-world targeting and compromise of vulnerable deployments. Affected versons: • n8n self-hosted instances running versions 1.65.0 to below …

Read More »

Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

ESXi

Hackers reportedly used a compromised SonicWall VPN appliance to gain access and deploy a VMware ESXi exploit, possibly created as early as February 2024. Huntress, a cybersecurity firm, detected activity in December 2025 and halted it before it escalated into a ransomware attack. The attack likely took advantage of three …

Read More »

Trend Micro warns of critical RCE vulnerability in Apex Central

Apex Central

Trend Micro fixed a critical security flaw in Apex Central (on-premise) that could let attackers run arbitrary code with SYSTEM privileges. The CVE-2025-69258 vulnerability allows unauthorized users to execute remote code by injecting malicious DLLs through simple attacks that need no user interaction. “A LoadLibraryEX vulnerability in Trend Micro Apex …

Read More »

BlueDelta Target Sophos VPN, Google, Microsoft OWA to Steal Credentials

BlueDelta

BlueDelta conducted a complex credential-harvesting operation targeting critical infrastructure and research institutions in 2025, as revealed by an investigation from Recorded Future’s Insikt Group. The campaigns leveraged legitimate PDF documents as bait, including publications from the Gulf Research Center titled “Strategic and Political Implications for Israel and Iran: The Day …

Read More »

PoC exploit for CVE-2025-38352 Android/Linux kernel vulnerability released

Linux kernel

A PoC exploit for CVE-2025-38352, a critical race condition flaw in the Linux kernel, is now available on GitHub. A vulnerability found this year affects POSIX CPU timers and had been used in targeted attacks on 32-bit Android devices. CVE-2025-38352 is a use-after-free (UAF) vulnerability in the Linux kernel’s handle_posix_cpu_timers() …

Read More »

FortiWeb Devices in Bangladesh Exploited via CVE-2025-55182 to Deploy Sliver C2

Sliver C2

Threat researchers found a sophisticated attack campaign aimed at FortiWeb firewalls worldwide, using the Sliver C2 framework for ongoing access and hidden proxy setups. Analyzing exposed Silver C2 databases and logs during open-directory threat hunting on Censys revealed a coordinated attack exploiting vulnerabilities in outdated FortiWeb devices. The threat actor …

Read More »

Over 10,000 Fortinet Firewalls Exposed to 5-Year-Old MFA Bypass Vuln

5

Over 10,000 Fortinet firewalls globally are still vulnerable to CVE-2020-12812, a flaw that allows bypassing multi-factor authentication (MFA) and was revealed over five years ago. Shadowserver added this issue to its daily Vulnerable HTTP Report. CVE-2020-12812 is due to inadequate authentication in FortiOS SSL VPN portals, impacting versions 6.4.0, 6.2.0 …

Read More »

80 internet-exposed MongoDB database instances found in Bangladesh

MongoDB

BGD e-GOV CIRT found 80 insecure MongoDB databases in Bangladesh exposed online, affected by the CVE-2025-14847 vulnerability (MongoBleed). This critical flaw allows remote attackers to access sensitive server data when zlib compression is enabled. MongoDB is often used to store personal, financial, and operational information. This exposure poses significant risks …

Read More »