CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

/in

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the

The Hacker News – ​Read More

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

/in

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies.
“The threat actor then demonstrated their ability to persist in target environments across equipment from multiple

The Hacker News – ​Read More

China-linked hackers target European healthcare orgs in suspected espionage campaign

/in

A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said.

The Record from Recorded Future News – ​Read More

How to Sue a Company Under GDPR for Data Misuse and Privacy Violations

/in

Learn how to sue companies under GDPR for data misuse. Understand your rights, file complaints, and claim compensation…

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

Hacked, leaked, exposed: Why you should never use stalkerware apps

/in

Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

The National Institute of Standards and Technology Braces for Mass Firings

/in

Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell WIRED.

Security Latest – ​Read More

Your Android phone could have stalkerware. Here’s how to remove it

/in

This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Stalkerware apps Cocospy and Spyic are exposing phone data of millions of people

/in

A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim’s device.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Ghost Ransomware Targets Orgs in 70+ Countries

/in

The China-backed threat group often acts swiftly, going from initial access to compromise in just one day, a behavior atypical of cybercriminal groups.

darkreading – ​Read More

OpenAI’s ChatGPT explodes to 400M weekly users, with GPT-5 on the way

/in

Credit: VentureBeat made with Midjourney

OpenAI’s ChatGPT reaches 400M weekly users and doubles enterprise adoption to 2M+ users, signals major AI shift as company prepares GPT-5 launch amid growing competition from DeepSeek and xAI.Read More

Security News | VentureBeat – ​Read More