New U-Boot flaws could enable stealthy firmware attacks
Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. U-Boot is one of the world’s most widely used open-source bootloaders and is found in many embedded Linux devices, including […]
Ryuk ransomware member pleads guilty in the US, faces 15 years in prison
A 34-year-old Armenian man has pleaded guilty to hacking U.S. companies and deploying the infamous Ryuk ransomware to encrypt their systems. Karen Serobovich Vardanyan was extradited to the United States after beingĀ arrested in Kyiv in April 2025Ā for providing initial access to corporate networks. According to court documents, Vardanyan helped deploy Ryuk ransomware on the networks […]
Police suspects Dutch hackers were involved in Odido breach
The Dutch National Police (Politie) says it has found “strong indications” that Dutch hackers have been involved in a February breach at the telecommunications provider Odido. “This includes a telephone conversation that was made with Odido customer service shortly before the hack. In this conversation, a Dutch-speaking man posed as Odido’s IT employee. The company […]
Progress urges ShareFile admins to shut down servers over ācredibleā threat
Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a “credible external security threat” targeting the on-premises secure file-sharing software. ShareFile is Progress Software’s enterprise secure file sharing and collaboration platform that allows customers to host their files in Progress’ cloud […]
Hackers exploit critical auth bypass in Gitea Docker image
Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to impersonate any user, including administrators. The security flaw is an authentication bypass vulnerability, tracked as CVE-2026-20896, that affects deployments using the default configuration, where reverse proxy authentication headers such as X-WEBAUTH-USER are enabled. Michael […]
Money launderer accused of stealing seized crypto while in prison
A Bulgarian national has been charged with stealing $290,000 in government-seized cryptocurrency while serving 121 months in prison for helping launder millions stolen from American fraud victims. 53-year-old Rossen G. Iossifov appeared in federal court in the Eastern District of Kentucky this Wednesday on charges of removal of property to prevent seizure and conspiracy to […]
Zimbra urges customers to patch critical web client XSS flaw
The Zimbra security team urged customers to patch a critical vulnerability affecting the Classic Web Client used to access the Zimbra Collaboration suite. Zimbra is a very popular email and collaboration software suite used by hundreds of millions of people, including thousands of businesses and hundreds of government agencies worldwide. Also known as the Classic […]
Former ransomware negotiator gets 4 years for BlackCat attacks
A former employee of cybersecurity incident response company DigitalMint was sentenced to 70 months in prison for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks. The FBI linked the BlackCat ransomware gang to more than 60 breaches between November 2021 and March 2022, adding in a separate advisory that the cybercrime group had collected at least $300 million […]
OpenMandriva Linux says contributor tried to sabotage the project
The OpenMandriva Linux project announced that it was the target of an attempted act of internal sabotage after a dispute among contributors. The attempted destructive action extended from wiping GitHub repositories to pushing an empty package that could have damaged users’ systems. OpenMandriva is an independent, community-run Linux distribution, forked from Mandriva Linux in 2012 […]
Injective SDK on npm infected with cryptocurrency wallet stealer
Hackers compromised the Injective Labs SDK project’s GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases. Application security companies Socket, Ox Security, and StepSecurity detected the supply-chain attack via version 1.20.21 of the @injectivelabs/sdk-ts npm package. Injective SDK […]