Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites

Threat actors have exploited a zero-day vulnerability in Craft CMS to execute PHP code on hundreds of websites.

The post Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ukrainian state and banking services restored after data center outage

A Ukrainian cloud provider said it had restored services after a power outage disrupted operations for customers including government agencies and major companies over the weekend.

The Record from Recorded Future News – ​Read More

Forget the Stack; Focus on Control

Security teams are under more pressure than ever — and cybersecurity debt is adding fuel to the fire. While it can’t be eliminated overnight, it can be managed.

darkreading – ​Read More

How Malwarebytes’ new security tools help stop online scams before it’s too late

Online fraud is costing billions – but Malwarebytes’ new tools could be the secret weapon companies need to protect themselves and fight back.

Latest stories for ZDNET in Security – ​Read More

M&S warehouse workers told not to come to work following cyberattack

About 20 percent of the logistics workers for U.K. retail giant M&S were told they could stay home as the company responded to a cyberattack.

The Record from Recorded Future News – ​Read More

8 ways to protect your privacy on Linux and keep your data safe

Using Linux is a good start – but it is not enough. These easy privacy tricks could mean the difference between secure and sorry.

Latest stories for ZDNET in Security – ​Read More

Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy

Toronto, Canada, 28th April 2025, CyberNewsWire

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Critical Vulnerabilities Found in Planet Technology Industrial Networking Products

Planet Technology industrial switches and network management products are affected by several critical vulnerabilities. 

The post Critical Vulnerabilities Found in Planet Technology Industrial Networking Products appeared first on SecurityWeek.

SecurityWeek – ​Read More

How Breaches Start: Breaking Down 5 Real Vulns

Not every security vulnerability is high risk on its own – but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruder’s bug-hunting team, reveal how attackers turn overlooked flaws into serious security incidents.
1. Stealing AWS Credentials with a Redirect

Server-Side Request Forgery (SSRF) is a

The Hacker News – ​Read More

JokerOTP Dismantled After 28,000 Phishing Attacks, 2 Arrested

JokerOTP dismantled after 28,000 phishing attacks across 13 countries; UK and Dutch police arrest two suspects linked to £7.5M cyber fraud.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More