CISA on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability that allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php. (Fixed in June 2025)
CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability that allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php. (Fixed in June 2025)
Cyber Dispatch™️
CISA on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability…
CVE-2025-68461 (CVSS score: 7.2) - A cross-site scripting vulnerability via the animate tag in an SVG document. (Fixed in December 2025)
Cyber Dispatch™️
هجمات إلكترونية شديدة على بنى تحتية في الإمارات ..
Severe cyberattacks on infrastructure in the UAE.
Yesterday, Hackers leaked the names of the 10 core members serving in the "C4I unit" in Israel.
Researchers found 19 malicious npm packages spreading SANDWORM_MODE.
The worm steals npm/GitHub tokens, SSH keys, API secrets, and crypto keys, then propagates using stolen identities. It also injects into AI coding tools to harvest LLM API keys.
The worm steals npm/GitHub tokens, SSH keys, API secrets, and crypto keys, then propagates using stolen identities. It also injects into AI coding tools to harvest LLM API keys.
Microsoft says a Copilot bug (CW1226324) let Microsoft 365 Copilot summarize confidential emails, bypassing DLP policies.
Since Jan 21, 2026, emails in Sent Items and Drafts with sensitivity labels were processed in Copilot Chat without permission.
Since Jan 21, 2026, emails in Sent Items and Drafts with sensitivity labels were processed in Copilot Chat without permission.
MuddyWater Team launched Operation Olalampo on Jan 26, 2026, targeting organizations across MENA.
Group-IB says phishing Office macros drop new malware—GhostFetch, GhostBackDoor, HTTP_VIP, and the Rust backdoor CHAR.
Some variants use Telegram for control, with signs of AI-assisted development.
Group-IB says phishing Office macros drop new malware—GhostFetch, GhostBackDoor, HTTP_VIP, and the Rust backdoor CHAR.
Some variants use Telegram for control, with signs of AI-assisted development.
A new Go-based RAT, #Moonrise, evades AVs and escalates from one infected endpoint to network-wide compromise.
The impact includes credential theft and hidden audio/video surveillance.
The impact includes credential theft and hidden audio/video surveillance.
In the last year, there has been a 168% surge in DDoS attacks and an increase of more than 120% in application-layer attacks, with 12.2% of cyberattacks worldwide directed at Israel, according to Radware’s 2026 Global Cyber Threat report.
Operation Israel hacktivists have been running sustained distributed denial-of-service (DDoS) campaigns against Israeli government websites, critical infrastructure, and private-sector companies.
Operation Israel hacktivists have been running sustained distributed denial-of-service (DDoS) campaigns against Israeli government websites, critical infrastructure, and private-sector companies.
Forwarded from إعلام المقاومة الفلسطينية
Our team will bring you live, comprehensive coverage of the war between the United States and Israel on one side, and Iran, Hezbollah, and Yemen’s Ansarallah movement on the other.
@PsResistMedia
@PsResistMedia
Exploitation of two Ivanti EPMM RCEs (CVE-2026-1281, CVE-2026-1340) surges globally. Attackers deploying persistent backdoors. Patch fast and hunt for compromise.
Critical RCE (CVE-2026-2329, CVSS 9.3) in Grandstream GXP1600 VoIP phones could enable call eavesdropping.
Patch to firmware 1.0.7.81 immediately.
Patch to firmware 1.0.7.81 immediately.
في إحاطة سرية عام 2023، تم تحذير عدد قليل من كبار المديرين التنفيذيين في مجال التكنولوجيا، بمن فيهم المدير التنفيذي لشركة آبل، إنفيديا، إيه إم دي وكوالكوم، من أن الصين قد تهاجم تايوان بحلول عام 2027
European diplomat’s Starlink and satellite phones seized at Tehran airport.
يديعوت أحرونوت:
الهيئة الوطنية للأمن السيبراني تفحص شبهات حول حدوث اختراق إلكتروني إيراني لمؤسسة صندوق كلاليت الصحي ..
الهيئة الوطنية للأمن السيبراني تفحص شبهات حول حدوث اختراق إلكتروني إيراني لمؤسسة صندوق كلاليت الصحي ..
A former L3Harris employee was sentenced to just over 7 years for selling 8 zero-day exploits to Russian broker Operation Zero.
Prosecutors say he received up to $4M in crypto, and the theft is estimated to have cost L3Harris $35M.
Prosecutors say he received up to $4M in crypto, and the theft is estimated to have cost L3Harris $35M.
Microsoft just open-sourced LiteBox, a Rust-based sandboxing library OS.
Developed via the LVBS project, it shrinks attack surfaces by stripping the interface between apps and the host. It enables unmodified Linux programs to run securely on Windows or within isolated Linux environments.
Developed via the LVBS project, it shrinks attack surfaces by stripping the interface between apps and the host. It enables unmodified Linux programs to run securely on Windows or within isolated Linux environments.
CISA added CVE-2026-25108 to its KEV list after active exploitation. The FileZen bug allows an authenticated user to execute OS commands via crafted HTTP requests.
Impacts versions 4.2.1–4.2.8 and 5.0.0–5.0.10 when Antivirus Check is enabled. At least one incident confirmed.
Impacts versions 4.2.1–4.2.8 and 5.0.0–5.0.10 when Antivirus Check is enabled. At least one incident confirmed.
SolarWinds patched four critical 9.1 CVSS flaws in Serv-U that can lead to remote code execution as root.
SolarWinds says there’s no sign of active attacks, but earlier Serv-U flaws were used by Storm-0322.
SolarWinds says there’s no sign of active attacks, but earlier Serv-U flaws were used by Storm-0322.
A flaw in #GitHub Codespaces let attackers hide malicious Copilot instructions inside a GitHub issue.
When a developer opened a Codespace from that issue, Copilot could silently run the injected prompt and leak a privileged GITHUB_TOKEN.
The research also warns of “promptware” attacks built entirely through prompts.
When a developer opened a Codespace from that issue, Copilot could silently run the injected prompt and leak a privileged GITHUB_TOKEN.
The research also warns of “promptware” attacks built entirely through prompts.