Friday , July 10 2026

Alert

JP CERT warns I-O DATA zero-day router flaws:Update Needed!

I-O DATA

Multiple vulnerabilities found in I-O DATA routers UD-LT1 and UD-LT1/EX are being actively exploited. JPCERT/CC, a Japanese cybersecurity organization, has warned that these issues could lead to serious attacks, including credential theft, command execution, and total firewall bypass. “The developer states that attacks exploiting these vulnerabilities have been observed,” warns …

Read More »

Telecoms on High Alert: CISA, NSA, FBI Publish joint guideline

CISA NSA FBI

National Security Agency (NSA), The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) jointly published guideline to enhanced visibility and hardening guidance for communications infrastructure providing best practices to protect against PRC affiliated threat actor. According to the guideline above mentioned threat actor has compromised networks …

Read More »

CISA Flags 3 Actively Exploited Vulnerabilities in KEV

CISA

CISA has issued an alert about three critical security vulnerabilities that are currently being exploited. These issues are now part of CISA’s Known Exploited Vulnerabilities (KEV) catalog and require urgent action from organizations and individuals to avoid potential risks. Vulnerability Breakdown: CVE-2023-45727 (CVSS 7.5): A vulnerability in Proself Enterprise/Standard Edition, …

Read More »

Cisco Confirms Active Exploitation Of Decade-Old WebVPN Vulnerability

WebVPN

Cisco has released an updated security advisory about CVE-2014-2120, a vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. This flaw, disclosed in 2014, allows unauthenticated remote attackers to perform cross-site scripting (XSS) attacks on WebVPN users. The advisory highlights that this vulnerability is currently being …

Read More »

IBM address multiple flaw in security verify access appliance

IBM

IBM revealed several critical vulnerabilities in its Security Verify Access Appliance, which could pose serious security risks to users identified as (CVE-2024-49803, CVE-2024-49804, CVE-2024-49805, CVE-2024-49806). These vulnerabilities affect versions 10.0.0 – 10.0.8 IF1. CVE-2024-49803 is a critical vulnerability with a CVSS score of 9.8. IBM cybersecurity researchers found that this …

Read More »

“Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks

Rockstar 2FA

Cybersecurity researchers are alerting users about phishing email campaigns using a toolkit called “Rockstar 2FA” to steal Microsoft 365 account credentials. These campaigns use advanced techniques to create fake landing pages resembling real Microsoft 365 login pages. Their main goal is to steal user credentials, targeting Microsoft accounts. This campaign …

Read More »

Uganda confirms hack of central bank accounts, Refutes $17 Million Claim

Bank of Uganda

Uganda’s finance ministry confirmed media reports that hackers breached the central bank’s systems and stole money, but refuted the claims to steal the money as much as $17 million. Uganda’s Minister of State for Finance, Henry Musasizi, addressed media reports alleging that a Southeast Asian hacker group hacked the Bank …

Read More »

CVE-2024-11667
Hackers actively exploiting Zyxel firewall to deploy Ransomware

Zyxel

CERT Germany and Zyxel have alerted about a serious vulnerability in Zyxel firewalls, identified as CVE-2024-11667. This flaw is being exploited to spread Helldown ransomware, with reports of at least five affected organizations in Germany. CVE-2024-11667 is a directory traversal vulnerability in Zyxel’s ZLD firmware versions 5.00 to 5.38. Exploiting …

Read More »

CIRT-in flags Critical Flaw in Oracle Agile PLM Framework

Oracle

CERT-In has flagged a security vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software, identified as CVE-2024-21287 and cataloged as CIVN-2024-0350. This high-risk threat was detected on November 26, 2024. CVE-2024-21287 affects Oracle Agile PLM Framework version 9.3.6, which is commonly used by organizations for managing product lifecycles and enhancing …

Read More »

Cisco Talos
Over 60% of Emails with QR Codes are spam

QR code

Generally scanning a malicious QR code from an unknown source can be harmful. Cisco Talos research shows that many people underestimate potential threats. Anti-spam filters can’t detect QR codes in images, allowing many spam emails to go unnoticed. While only 1 in 500 emails contains a QR code, around 60% …

Read More »