Craft CMS RCE exploit chain used in zero-day attacks to steal data
SkyNet Automation Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with…
April 2025
Marks & Spencer pauses online orders after cyberattack
British retailer giant Marks & Spencer (M&S) has suspended online orders while working to recover from a recently…
Mobile provider MTN says cyberattack compromised customer data
African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of…
Windows “inetpub” security fix can be abused to block future updates
A recent Windows security update that creates an ‘inetpub’ folder has introduced a new weakness allowing attackers to…
Baltimore City Public Schools data breach affects over 31,000 people
Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an…
SAP fixes suspected Netweaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively…
SAP fixes critical Netweaver flaw exploited in attacks
SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability…
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications…
Microsoft announces fix for CPU spikes when typing in Outlook
Microsoft says it will soon fix a known issue causing CPU spikes when typing messages in recent versions…
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees…