A new attack variant against Cisco Secure Firewall ASA/FTD can force unexpected reloads, dropping VPNs and disrupting edge traffic. Reduce exposure, apply fixed releases, and harden management access. Validate HA under load and stream telemetry off-box to preserve evidence while you monitor for recurrence.
Texas sued Roblox, alleging deceptive child-safety claims, common nuisance, and predatory grooming patterns. The case spotlights how Robux incentives, off-platform chat, and moderation gaps expose kids—and what families can do right now.
CVE-2025-61757 is a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager’s REST APIs that CISA now lists as actively exploited. By abusing a security filter bypass and a Groovy compilation endpoint, attackers can run arbitrary code on identity-tier servers over HTTP. This article explains the exploit chain, CISA’s KEV deadline and how Oracle shops should patch, monitor and lock down their Identity Manager deployments.
TEE.Fail uses a DDR5 interposer to undermine enclave confidentiality on Intel TDX and AMD SEV-SNP. Because memory encryption lacks strong integrity here, defenders should rethink secrets, strengthen attestation, and tighten physical controls.
APT37 used stolen Google credentials to access Find Hub, check Android device locations, and trigger remote factory resets. The tactic lives in the cloud, not on the handset, so identity controls matter most. Enforce phishing-resistant MFA, restrict console actions, and rehearse rapid re-enrollment.
A new vulnerability in the W3 Total Cache WordPress plugin, tracked as CVE-2025-9501, lets unauthenticated attackers run PHP commands on the server by posting crafted comments. Because W3TC powers more than a million sites, this command injection bug creates an attractive path to remote code execution and full site takeover. This article explains how the flaw works, which versions are affected, and how to respond quickly without breaking performance.
A newly disclosed flaw in Adobe Commerce (formerly Magento) dubbed “SessionReaper” enables attackers to hijack live customer sessions via the REST API. With proof-of-concept exploit code now public and over 250 attacks detected in a single day, administrators must act immediately.
Ludwigshafen detected suspicious activity and took city IT offline to contain risk. Teams isolate systems, assess scope, and plan a safe, phased restoration while core services continue with workarounds.
A China-aligned threat group known as PlushDaemon runs a Chinese APT router hijacking campaign that implants EdgeStepper on vulnerable routers, reroutes software-update traffic for popular Chinese-language applications and delivers the SlowStepper espionage toolkit through trusted update channels, turning routine network gear into an adversary-in-the-middle platform.
A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.