A critical remote code execution (RCE) vulnerability, CVE-2025-24813, is now being actively exploited in the wild, allowing attackers to take over vulnerable Apache Tomcat servers with a single PUT API request, according to a report from Wallarm.

In December 2024, BI.ZONE researchers discovered a phishing campaign designed to trick victims into opening malicious attachments under the guise of job opportunities at an industrial organization.

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow.

While its scalability and integration capabilities make it a powerful tool for organizations, its misuse by adversaries for malicious purposes such as data exfiltration and phishing has raised significant security concerns.

Hackers can exploit a vulnerability in TP-Link TL-WR845N routers to gain full control over the system. This exploit allows unauthorized users to access the root shell credentials, giving them unrestricted access to manipulate and control the router.

The phishing emails targeted multiple US and European industries, including government, healthcare, supply chain, and retail. Some of the emails seen by Proofpoint use RFPs and contract lures to trick recipients into opening the links.

Cybersecurity experts have uncovered how hackers use CSS to deceive spam filters and monitor user behavior. This sophisticated technique allows malicious actors to remain under the radar while gaining insights into user preferences and actions.

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code.

A new threat assessment by the Danish Social Security Agency warns that nation-state hackers have an extensive technical understanding of the telecommunications sector’s infrastructure and protocols in cyberattacks against the industry abroad.

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free.