A critical vulnerability in the Service Finder Bookings plugin bundled with the Service Finder WordPress theme allows unauthenticated attackers to log in as administrators. The flaw, tracked as CVE-2025-5947, is actively exploited in the wild with a CVSS 9.8 rating. Users must patch immediately to prevent takeovers.
Security researchers have exposed a large-scale espionage campaign where Chinese hackers weaponized open-source tools to infiltrate critical infrastructure systems worldwide. The operation showcases a shift toward covert, community-blended tactics where public codebases become vectors for nation-state exploitation.
In 2025 alone, North Korean hacker groups have stolen over $2 billion in cryptocurrency funding state operations and deepening reliance on digital crime. They target exchanges, DeFi bridges, and individual holders, laundering via mixers and OTC channels. This escalation signals a bold shift in DPRK’s cyber financing, demanding vigilance from exchanges and regulators alike.
A Redis vulnerability (CVE-2025-23345) active for 13 years exposes servers to remote code execution. Rated CVSS 10.0, it affects millions of instances.
A 0-day buffer overflow vulnerability in Cisco ASA and FTD devices, exploitable via WebVPN, allows unauthenticated remote code execution. Cisco has released patches and issued guidance for mitigation.
ParkMobile breach victims will receive a $1 parking credit as part of a 2025 class-action settlement. The 2021 incident exposed 21 million user records.
A public PoC exploit for CVE-2025-32463 in Sudo has been released, enabling local privilege escalation to root. Linux users are urged to update to Sudo 1.9.16p1.
A recently disclosed Chrome RCE exploit uses Wasm and JavaScript to manipulate memory and execute shellcode in the browser. Update to version M137.0.7151.57 immediately to prevent remote compromise.
A zero-day vulnerability in Oracle E-Business Suite, CVE-2025-61882, has been actively exploited by Cl0p in data theft campaigns. Oracle’s emergency patch addresses unauthenticated remote code execution in the BI Publisher integration component.
Researchers discovered a zero-day in Zimbra webmail where malicious JavaScript injected into .ICS calendar files executes within session context — allowing attackers to steal emails, credentials, and forward mail.