Cybersecurity researchers have identified a sophisticated supply chain attack targeting Arch Linux users through malicious packages designed to masquerade as Firefox browser variants. Three compromised […]
Category: Cyber Security News
CISA Alerts on Active Exploitation of Microsoft SharePoint Code Injection and Authentication Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding the active exploitation of two critical Microsoft SharePoint vulnerabilities, with organizations facing a […]
Chinese Hackers Exploit Active 0-Day Vulnerability in SharePoint Servers
Microsoft has confirmed that Chinese nation-state actors are actively exploiting zero-day vulnerabilities in on-premises SharePoint servers, prompting urgent security updates and immediate patching recommendations for […]
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities […]
Warning to feds: US infrastructure is under silent attack
Threat actors have become craftier as they increasingly target critical infrastructure, including operational technology (OT) environments such as electric grids, Nate Gleason, program leader at […]
UK proposal would forbid ransom payments by gov’t agencies, but will it meaningfully decrease ransomware attacks?
The UK government on Tuesday proposed an order that would forbid all government agencies and other government entities from making any ransom payments, regardless of […]
China Introduces National Cyber ID Amid Privacy Concerns
China officially rolled out a voluntary Internet identity system to protect citizens’ online identities and personal information, but critics worry about privacy and surveillance. ​The […]
3 China Nation-State Actors Target SharePoint Bugs
Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft’s recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server. ​The […]
Majority of CISOs Lack Full Visibility Over APIs
New research by Salt Security has revealed that the majority of CISOs do not have full visibility over their API environments, despite recognition of the […]
Scavenger Malware Compromises Popular npm Packages to Target Developers
The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. […]