RondoDox is a large-scale botnet active since June 2025, targeting 56 n-day vulnerabilities across over 30 device types, including routers, DVRs, and web servers. Since its discovery, the botnet has expanded its arsenal of exploits

A critical authentication bypass vulnerability (CVE-2025-5947) in the Service Finder WordPress theme is being actively exploited by threat actors. Over 13,800 exploitation attempts have been recorded since August 1.

DraftKings, a leading online sports betting and fantasy sports platform, has disclosed a security incident involving a credential stuffing attack that compromised an undisclosed number of user accounts.

An ASCII smuggling attack targets Google's Gemini AI assistant, exploiting its integration with Google Workspace to inject hidden instructions via Unicode characters. These payloads are invisible to users but are processed by the AI.

A recent data breach involving a third-party customer service provider has resulted in the unauthorized access and theft of personally identifiable information (PII) of Discord users.

A significant surge in reconnaissance scans has been detected targeting Palo Alto Networks login portals. Experts reported a 500% increase in scanning activity, with over 1,285 unique IPs involved on October 3.

A zero-day vulnerability (CVE-2025-27915) in Zimbra Collaboration Suite (ZCS) was actively exploited using malicious iCalendar files. The flaw, an XS) vulnerability, allowed attackers to execute arbitrary JavaScript in victim sessions.

A critical ingestion bug in Adobe Analytics caused cross-tenant data leakage, exposing customer tracking data from one organization to others. The issue lasted for nearly a day and affected multiple Adobe Analytics services globally.

A recent cybersecurity incident at Canadian airline WestJet has resulted in the exposure of sensitive customer data, including passport and government-issued ID information. The breach has been confirmed to involve personal data exfiltration.

A new phishing and malware distribution toolkit named MatrixPDF has emerged, enabling threat actors to weaponize PDF files for credential theft and malware delivery. It embeds JS actions that execute when a document is opened.