15 Jul, 2026

New GoBruteforcer attack wave targets crypto, blockchain projects

A new wave of GoBruteforcer botnet malware attacks is targeting databases of cryptocurrency and blockchain projects on exposed servers believed to be configured using AI-generated examples. GoBrutforcer is also known as GoBrut. It is a Golang-based botnet that typically targets exposed FTP, MySQL, PostgreSQL, and phpMyAdmin services. The malware often relies on compromised Linux servers to scan random […]

3 mins read

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by including it in generated files. The flaw is a local file inclusion and path traversal that allows passing unsanitized paths to the file loading mechanism (loadFile) […]

2 mins read

Max severity Ni8mare flaw lets hackers hijack n8n servers

A maximum severity vulnerability dubbed “Ni8mare” allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform. The security issue is identified as CVE-2026-21858 and has a 10 out of 10 severity score. According to researchers at data security company Cyera, there are more than 100,000 vulnerable n8n servers. n8n is an open-source […]

3 mins read

Microsoft: Classic Outlook bug prevents opening encrypted emails

Microsoft is investigating a bug preventing recipients from opening encrypted emails in classic Outlook after a recent update. This known issue affects users who try to open messages encrypted with “Encrypt Only” permissions, which also allows copying, printing, and forwarding. “After updating to Current Channel Version 2511 (Build 19426.20218) recipients may not be able to […]

2 mins read

New Veeam vulnerabilities expose backup servers to RCE attacks

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. Tracked as CVE-2025-59470, this RCE security flaw affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. “This vulnerability allows a Backup or Tape Operator to perform remote code execution […]

2 mins read

ownCloud urges users to enable MFA after credential theft reports

File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using compromised credentials from stealing their data. ownCloud has over 200 million users worldwide, including hundreds of enterprise and public-sector organizations such as the European Organization for Nuclear Research, the European Commission, German tech company ZF Group, insurance firm Swiss Life, […]

2 mins read

UK announces plan to strengthen public sector cyber defenses

The United Kingdom has announced a new cybersecurity strategy, backed by more than £210 million ($283 million), to boost cyber defenses across government departments and the wider public sector. The new measures are part of the Government Cyber Action Plan that establishes a dedicated Government Cyber Unit to coordinate risk management and incident response, aiming to make online public services more […]

2 mins read

Taiwan says China’s attacks on its energy sector increased tenfold

The National Security Bureau in Taiwan says that China’s attacks on the country’s energy sector increased tenfold in 2025 compared to the previous year. A report from the agency highlights that attackers targeted critical infrastructure in nine key sectors, and the total number of cyber incidents linked to China grew by 6%. The emergency rescue […]

2 mins read

New D-Link flaw in legacy DSL routers actively exploited in attacks

Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago. The vulnerability is now tracked as CVE-2026-0625 and affects the dnscfg.cgi endpoint due to improper input sanitization in a CGI library. An unauthenticated attacker could leverage this to execute remote commands via DNS configuration parameters. Vulnerability intelligence company […]

2 mins read

Kimwolf Android botnet abuses residential proxies to infect internal devices

The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target devices on internal networks. Researchers observed increased activity for the malware since last August. Over the past month, Kimwolf has intensified its scanning of […]

4 mins read