17 Jul, 2026

RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk

The ImunifyAV malware scanner for Linux servers, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment. The issue affects versions of the AI-bolit malware scanning component prior to 32.7.4.0. The component is present in the Imunify360 suite, the paid ImunifyAV+, and […]

3 mins read

Washington Post data breach impacts nearly 10K employees, contractors

The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. The news organization is one of the largest daily newspapers in the U.S. with approximately 2.5 million digital subscribers. Between July 10 and August 22, threat actors accessed parts of […]

3 mins read

Microsoft rolls out screen capture prevention for Teams users

Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings. Microsoft announced the feature in May 2025, stating that the rollout would begin in July 2025. However, as revealed on Wednesday, this was delayed until early November. Named “Prevent screen capture,” it restricts access to visual meeting […]

2 mins read

Popular Android-based photo frames download malware on boot

Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. Mobile security company Quokka conducted an in-depth security assessment on the Uhale app and found behavior suggesting a connection with the Mezmess and Voi1d malware families. The researchers reported the issues to ZEASN (now ‘Whale […]

3 mins read

CISA warns feds to fully patch actively exploited Cisco flaws

CISA warned U.S. federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. Tracked as CVE-2025-20362 and CVE-2025-20333, these security flaws allow remote threat actors to access restricted URL endpoints without authentication and gain code execution on vulnerable Cisco firewall devices, respectively. If chained, they can enable unauthenticated attackers to […]

2 mins read

Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations

Law enforcement authorities from nine countries have taken down over 1,000 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime. The joint action, coordinated by Europol and Eurojust, was also supported by multiple private partners, including Cryptolaemus, Shadowserver, Spycloud, Cymru, Proofpoint, CrowdStrike, […]

3 mins read

CISA warns of WatchGuard firewall flaw exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has warned government agencies to patch an actively exploited vulnerability impacting WatchGuard Firebox firewalls. Remote attackers can use this critical security flaw (CVE-2025-9242) to execute malicious code remotely on vulnerable devices by exploiting an out-of-bounds write weakness in firewalls running Fireware OS 11.x (end of life), 12.x, and 2025.1. […]

2 mins read

Google sues to dismantle Chinese phishing platform behind US toll scams

Google has filed a lawsuit to dismantle “Lighthouse”, a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing (“smishing”) attacks that impersonate the U.S. Postal Service (USPS) and E-ZPass toll systems. The lawsuit aims to shut down the website infrastructure supporting the Lighthouse phishing-as-a-service (PhaaS), which Google says has […]

4 mins read

Windows 11 now supports 3rd-party apps for native passkey management

Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden. This is possible after the Windows security team worked together with third-party managers to improve passwordless authentication by developing a passkey API for Windows 11.  The new feature has been introduced with the November […]

2 mins read

DanaBot malware is back to infecting Windows after 6-month break

The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement’s Operation Endgame disrupted its activity in May. According to security researchers at Zscaler ThreatLabz, there is a new variant of DanaBot, version 669, that has a command-and-control (C2) infrastructure using  Tor domains (.onion) and “backconnect” nodes. Zscaler also identified and […]

1 min read