Next.js Flaw Allows Unauthorized Access
March 25, 2025
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
News
Next.js Flaw Allows Unauthorized Access
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and data exfiltration.
Astral Foods Cyberattack: R20 Million Profit Plunge
Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the incident highlights the need for ...
VanHelsing Ransomware Targets Multiple Platforms Including Windows and ESXi Systems
The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.
INTERPOL Operation Red Card Nets 300 Cybercrime Suspects in Africa
INTERPOL's Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices used in various scams.
Oracle Cloud Breach Compromises 6 Million Records, Threatening 140,000 Businesses
A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, "rose87168," is selling the data and demanding ransoms.
NYU Data Breach: Class Action Lawsuit Investigation Underway
NYU's March 2025 data breach exposed millions of applicants' personal data, prompting a class action lawsuit investigation. Attorneys seek to recover compensation for affected individuals.
Microsoft’s Trusted Signing Service Abused to Code-Sign Malware
Microsoft's Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security and appear legitimate. Microsoft is ...
Coinbase Targeted in GitHub Actions Breach
A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the attack highlights supply chain vulnerabilities.
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
March 25, 2025
A major cyberattack targeted Ukraine’s railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
March 25, 2025
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and
Astral Foods Cyberattack: R20 Million Profit Plunge
March 25, 2025
Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the
VanHelsing Ransomware Targets Multiple Platforms Including Windows and ESXi Systems
March 25, 2025
The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.
INTERPOL Operation Red Card Nets 300 Cybercrime Suspects in Africa
March 25, 2025
INTERPOL’s Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices
Oracle Cloud Breach Compromises 6 Million Records, Threatening 140,000 Businesses
March 24, 2025
A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, “rose87168,” is selling the data and
NYU Data Breach: Class Action Lawsuit Investigation Underway
March 24, 2025
NYU’s March 2025 data breach exposed millions of applicants’ personal data, prompting a class action lawsuit investigation. Attorneys seek to
Microsoft’s Trusted Signing Service Abused to Code-Sign Malware
March 24, 2025
Microsoft’s Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security
Coinbase Targeted in GitHub Actions Breach
March 24, 2025
A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.