Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Fortinet warns of new FortiWeb zero-day exploited in attacks
Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall security flaw was reported by Jason McFadyen of Trend Micro’s Trend Research team. Authenticated threat actors can gain code execution by successfully exploiting this OS command injection vulnerability in […]
Microsoft to integrate Sysmon directly into Windows 11, Server 2025
Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it unnecessary to deploy the standalone Sysinternals tools. “Next year, Windows updates for Windows 11 and Windows Server 2025 will bring Sysmon functionality natively to Windows,” reads an announcement by Sysinternals creator Mark Russinovich. “Sysmon functionality allows you […]
Microsoft Teams to let users report messages wrongly flagged as threats
Microsoft says that Teams users will be able to report false-positive threat alerts triggered by messages incorrectly flagged as malicious. This new feature was first announced in September, when it entered a targeted rollout phase, and will roll out to users worldwide by the end of November 2025. “Microsoft Teams now enables users to report messages they […]
French agency Pajemploi reports data breach affecting 1.2M people
Pajemploi, the French social security service for parents and home-based childcare providers, has suffered a data breach that may have exposed personal information of 1.2 million individuals. The incident impacts registered professional caregivers working for private employers, typically parents using the Pajemploi service part of URSSAF – the French organization that collects social security contributions from […]
Google fixes new Chrome zero-day flaw exploited in attacks
Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year. “Google is aware that an exploit for CVE-2025-13223 exists in the wild,” the search giant warned in a security advisory published on Monday. This high-severity vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine, reported last […]
Malicious NPM packages abuse Adspect redirects to evade security
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate researchers from potential victims and lead them to malicious locations. The purpose of the attack is to lead victims to cryptocurrency scam sites, according to an analysis from researchers at application security company Socket. All malicious packages were published under the developer […]
RondoDox botnet malware now hacks servers using XWiki flaw
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security Agency (CISA) marked the flaw as actively exploited. Now, a report from vulnerability intelligence company VulnCheck notes that CVE-2025-24893 is being leveraged in attacks by multiple threat actors, including botnet operators […]
Eurofiber France warns of breach after hacker tries to sell customer data
Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and exfiltrated information. Eurofiber France SAS is the French unit of the Eurofiber Group N.V., a Dutch telecommunications service provider that operates a fiber network of 76,000 km across the Netherlands, Belgium, […]
Princeton University discloses data breach affecting donors, alumni
A Princeton University database was compromised in a cyberattack on November 10, exposing the personal information of alumni, donors, faculty members, and students. According to a FAQ page issued on Saturday, the threat actors breached Princeton’s systems by targeting a University employee in a phishing attack. This allowed them to gain access to “biographical information […]
Dutch police seizes 250 servers used by “bulletproof hosting” service
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity. Politie, the police force in the Netherlands, did not name the service but said that it has been used for illicit activities since 2022, and has emerged in more than […]