Security Intelligence

Recent ASUS advisories address critical and exploited router flaws

ASUS has issued multiple critical security advisories affecting AiCloud-enabled routers, DSL router families, MyASUS,...

Security Intelligence

“Recent Links” feature used by online formatters exposes private data

Online code beautifiers’ “Recent Links” feature exposes sensitive credentials and private data, revealing major risks...

Security Intelligence

New Shai-Hulud variant uses preinstall script for credential theft

A new Shai-Hulud variant is abusing the npm registry with trojanized packages and malicious preinstall scripts enabling...

Security Intelligence

Weekly Threat Round-up: RCE in D-Link Routers, Chrome V8 Engine Exploited, & More

November 24th, 2025, Threat Round-up: This week’s threat intelligence newsletter updates include new PoCs published for...

Security Intelligence

Maximum-severity Grafana Enterprise vulnerability exposes identity provisioning

Critical privilege-escalation flaw in Grafana Enterprise (CVE-2025-41115) affects versions 12.0.0–12.2.1 when SCIM is...

Security Intelligence

POCs published for unpatched RCE vulnerabilities in D-Link routers

Critical, unauthenticated RCE flaws in D-Link’s DIR-878 060 router series now have public PoC exploits available. No...

Security Intelligence

Vulnerability in Chrome’s V8 engine actively exploited

A Chrome V8 type confusion flaw (CVE-2025-13223) is being exploited in the wild, affecting Chrome and other...

Security Intelligence

Fortinet discloses new FortiWeb flaw exploited before patch release

Fortinet published a security advisory disclosing CVE-2025-58034, a medium-severity flaw in FortiWeb that had been...

Security Intelligence

Akira ransomware targeting Nutanix AHV

Akira ransomware actors are adopting new TTPs, including targeting of virtual infrastructure such as Nutanix AHV and...

Security Intelligence

Weekly Threat Round-up: Synology Updates BeeStation, SAP Patch Day Releases, & Google Updates on AI Weaponization

November 17th, 2025 Threat Round-up: This week’s top threat intelligence newsletter updates include Synology patches...

Security Intelligence

Active exploitation of undisclosed FortiWeb flaw

A critical, actively exploited path traversal flaw in Fortinet FortiWeb allows unauthenticated attackers to create...

Security Intelligence

Publicly disclosed flaw enables RCE via malware scanning engine

CloudLinux patched a high-risk ImunifyAV/Imunify360 flaw in the AI-Bolit scanning engine that enables remote code...