How (almost) any phone number can be tracked via WhatsApp & Signal – open-source PoC
https://www.reddit.com/r/netsec/comments/1pgmnnn/how_almost_any_phone_number_can_be_tracked_via/
CrowdCyber
npub1xm6q...7acu
Revolutionizing and Democratizing Cybersecurity
Operation DUPEHIKE Hits Russian HR: Bonus Lure Delivers DUPERUNNER and Adaptix C2 via Process Injection
Daily CyberSecurity
SEQRITE exposed Operation DUPEHIKE targeting Russian HR with a malicious LNK bonus lure. The DUPERUNNER implant uses PowerShell and process injecti...
Russian Calisto APT Targets Reporters Without Borders with Custom AiTM Phishing and “Missing File” Lure
Daily CyberSecurity
Sekoia exposed Russian Calisto APT (FSB-linked) targeting RSF and NGOs with spear-phishing. The attack uses a custom AiTM kit and a "missing fi...
High-Severity Cacti Flaw (CVE-2025-66399) Risks Remote Code Execution via SNMP Community String Injection
Daily CyberSecurity
A High-severity RCE flaw (CVE-2025-66399) in Cacti allows authenticated attackers to execute commands by injecting newline characters into the SNMP...
Student Sells Gov't, University Sites to Chinese Actors
Dark Reading
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
BleepingComputer
Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers ...
Using ClickHouse for Real-Time L7 DDoS & Bot Traffic Analytics with Tempesta FW
https://www.reddit.com/r/netsec/comments/1pdd7gt/using_clickhouse_for_realtime_l7_ddos_bot_traffic/
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells
BleepingComputer
Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users.
New wave of VPN login attempts targets Palo Alto GlobalProtect portals
BleepingComputer
A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicO...
Attackers have a new way to slip past MFA in educational orgs
Malwarebytes
Researchers are seeing a rise in Evilginx to steal session cookies, letting them bypass the need for a multi-factor authentication (MFA) token amon...
China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage
Daily CyberSecurity
China-linked APT UNC5174 is using a Go-based backdoor that abuses the Discord API as a covert C2 channel. This method allows the lightweight malwar...
React2Shell Vulnerability Under Attack From China-Nexus Groups
Dark Reading
A maximum-severity vulnerability affecting the React JavaScript library has been exploited in the wild, further stressing the need to patch now.
Leaks show Intellexa burning zero-days to keep Predator spyware running
Malwarebytes
A fresh investigation uncovers how Predator spyware still reaches victims through high-priced, newly bought zero-days.
IACR Nullifies Election Because of Lost Decryption Key
Schneier on Security
The International Association of Cryptologic Research—the academic cryptography association that’s been putting conferences like Crypto...
Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass
Daily CyberSecurity
Apache HTTP Server 2.4.66 patched five flaws. Key fixes include a moderate SSRF flaw (CVE-2025-59775) that risks NTLM hash leakage on Windows, and ...
Barts Health NHS discloses data breach after Oracle zero-day hack
BleepingComputer
Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-bu...
Cloudflare blames today's outage on React2Shell mitigations
BleepingComputer
Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively ...
The PDF Trap: Critical Vulnerability (CVE-2025-66516, CVSS 10.0) Hits Apache Tika Core
Daily CyberSecurity
Apache patched a Catastrophic XXE flaw (CVE-2025-66516, CVSS 10.0) in Tika Core. The bug is exploitable via malicious XFA data inside a PDF, riskin...
“React2Shell” Storm: China-Nexus Groups Weaponize Critical React Flaw Hours After Disclosure
Daily CyberSecurity
Amazon exposed Chinese APTs exploiting the React2Shell zero-day (CVE-2025-55182, CVSS 10.0) hours after disclosure. Earth Lamia and Jackpot Panda a...
React2Shell critical flaw actively exploited in China-linked attacks
BleepingComputer
Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after th...