TamperedChef Malware Uses Fake Installers in Global Campaign

TamperedChef malware no longer hides only behind a rogue PDF editor. In its latest evolution, the campaign uses signed fake software installers, malvertising and SEO poisoning to deliver an obfuscated JavaScript backdoor via a dropped XML-scheduled task. Telemetry shows a strong footprint in the U.S. and heavy impact on healthcare, construction and manufacturing, where users often search online for product manuals and tools. This article unpacks the global infrastructure, shell-company certificates and execution chain so defenders can hunt and harden effectively.

W3 Total Cache Plugin Bug Threatens Over 1 Million WordPress

A new vulnerability in the W3 Total Cache WordPress plugin, tracked as CVE-2025-9501, lets unauthenticated attackers run PHP commands on the server by posting crafted comments. Because W3TC powers more than a million sites, this command injection bug creates an attractive path to remote code execution and full site takeover. This article explains how the flaw works, which versions are affected, and how to respond quickly without breaking performance.

Hackers Exploit Microsoft Tenant Invitations for TOAD Phishing

Threat actors are abusing Microsoft Entra tenant invitations to run TOAD (Telephone-Oriented Attack Delivery) phishing campaigns that look like legitimate Microsoft 365 billing notifications. Instead of pushing links or attachments, they convince users to call attacker-controlled “support” numbers, where credentials and remote-access authorizations are harvested. This analysis explains how the attack chain works, which guest invitation properties are being misused, and how security teams can hunt for and mitigate these callbacks.

PoC Exploit Tool Targets FortiWeb CVE-2025-64446 Path Traversal

A public PoC exploit tool for CVE-2025-64446 now turns FortiWeb WAF appliances into high-value RCE targets. The bug is a relative path traversal flaw that lets an attacker execute administrative commands over HTTP or HTTPS. With active exploitation in the wild, CISA KEV inclusion, and GitHub tooling, security teams must urgently patch, lock down management access, and fold FortiWeb into their broader Fortinet and perimeter compromise playbooks.

How Akira Ransomware Turned VPN Weaknesses Into a $244M

Akira ransomware has evolved into one of the most disruptive ransomware-as-a-service operations, hitting more than 250 organizations and extorting over $244 million. This article walks through how Akira gains initial access, exploits VPN and firewall weaknesses, moves laterally, and applies double extortion — then outlines practical defenses security teams can deploy now.