A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The vulnerability is rated 8.9 (High) on the CVSS 4.0 scale.

A newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in the way the software parses empty XML elements.

A sophisticated phishing campaign, likely operated by China-based cybercriminals, is targeting global online shoppers through thousands of fraudulent retail websites impersonating major brands.

Surmodics, a Minnesota-based medical device manufacturer, reported a cyberattack discovered on June 5, 2025, which forced the company to shut down parts of its IT infrastructure.

The flaw involves hardcoded root SSH credentials that could allow unauthenticated remote attackers to gain root access to affected systems. Successful exploitation of this vulnerability allows attackers to log in remotely with root privileges.

A large-scale malicious campaign has been uncovered involving over 40 fake cryptocurrency wallet extensions on the Firefox add-ons store. These extensions impersonate legitimate wallets to steal sensitive user data.

Hackers are increasingly leveraging LNK files to deliver malware, with malicious LNK samples rising from 21,098 in 2023 to 68,392 in 2024. They exploit the flexibility of LNKs to execute malicious payloads while masquerading as legitimate files.

Kelly Benefits disclosed a significant data breach that affected over 553,000 individuals. The breach, which occurred in December 2024, has impacted dozens of corporate clients across critical sectors including healthcare and financial services.

Australian airline Qantas detected a cyberattack involving a third-party platform used by its contact center. The breach, publicly disclosed on July 2, 2025, potentially exposed personal data of up to six million customers.

The CISA added two vulnerabilities in TeleMessage TM SGNL to its KEV catalog. These flaws—CVE-2025-48927 and CVE-2025-48928—have been actively exploited in the wild and pose a significant risk to federal and private sector networks.