Mysterious Elephant is an active APT group identified by Kaspersky GReAT in 2023. It continually evolves its tactics to avoid detection. The group’s recent campaign, starting in early 2025, shows a notable change in their tactics, focusing more on new custom tools and open-source tools like BabShell and MemLoader. The …
MCP Server Flaw Exposes 3,000+ Servers and Thousands of API Keys
A critical vulnerability was discovered in Smithery.ai, a well-known registry for Model Context Protocol (MCP) servers. This flaw could have let hackers steal data from over 3,000 AI servers and access API keys of thousands of users. MCP connects AI apps to external tools and data, such as local files …
Oracle released 374 new security patches in its October 2025 Tuesday patch
Oracle’s October 2025 Critical Patch Update fixes 374 vulnerabilities in multiple products, making it one of the largest patches recently, covering databases, middleware, enterprise applications, and communication systems. As always, Oracle recommends that customers apply patches without delay, as many of the fixed vulnerabilities can be exploited remotely, even without …
Hackers Exploited 34 Zero-Day Vulns In Pwn2Own Ireland 2025
During the first day of the Pwn2Own Ireland 2025 hacking contest by Trend Micro’s Zero Day Initiative, participants earned $522,500 for their exploits. 34 new vulnerabilities have been used to hack printers, NAS devices, routers, and smart home products. The top prize of $100,000 was given in the ‘SOHO Smashup’ …
(CVE-2025-6542, CVSS 9.3)
User Alert: TP-Link warns of critical command injection flaw in Omada gateways
TP-Link Systems has released a firmware update that fixes four serious vulnerabilities in its Omada gateway series, like ER605, ER7206, and ER8411, commonly used in businesses. These flaws—CVE-2025-6541, CVE-2025-6542, CVE-2025-7850, and CVE-2025-7851—can let attackers run arbitrary commands on the devices, sometimes without needing authentication. According to TP-Link’s advisory, “An arbitrary …
CISA Adds Oracle, Apple and Microsoft Vulns to KEV Catalog
CISA has added five new CVEs to its Known Exploited Vulnerabilities catalog, including issues from Microsoft, Apple, and Oracle. The vulnerabilities flagged by CISA include: CVE-2022-48503 is a critical vulnerability (8.8 severity) in several Apple products that allows for arbitrary code execution via web content. Apple fixed it with better …
71,000+ WatchGuard security devices vulnerable to critical RCE
About 76,000 WatchGuard Firebox security devices are publicly exposed and vulnerable to a serious issue (CVE-2025-9242) that could let remote attackers execute code without authentication. Firebox devices serve as a central hub to manage traffic between internal and external networks, offering protection with policy management, security services, VPN, and real-time …
Volkswagen Allegedly Hit by Ransomware Attack
Volkswagen Group has responded to claims from the ransomware group 8Base, which says it has stolen and leaked sensitive data from the company. The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company’s vague response leaves questions about the full scope of the incident and raises …
Oracle released emergency patch for new E-Business Suite flaw
Oracle released an emergency security update over the weekend to fix a new vulnerability in E-Business Suite (EBS) that could allow remote access by unauthorized attackers. CVE-2025-61884 is an information disclosure vulnerability in the Runtime UI component, impacting EBS versions 12.2.3 to 12.2.14. It could enable unauthorized attackers to remotely …
CVE-2023-28760
TP-Link Router Flaw Allows Root RCE via LAN, PoC Available
Rocco Calvi, a security researcher, discovered a serious flaw in the TP-Link AX1800 WiFi 6 Router (Archer AX21/AX20) that enables local network attackers to execute code remotely as the root user. CVE-2023-28760 is a high-severity vulnerability (CVSS 7.5) in the MiniDLNA service of the router’s media-sharing feature. As described in …
InfoSecBulletin Cybersecurity for mankind