Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that […]

Dell confirms breach of test lab platform by World Leaks extortion group

A newly rebranded extortion gang known as “World Leaks” breached one of Dell’s product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom. Dell acknowledged the incident to BleepingComputer, confirming that the threat actor had breached its Customer Solution Centers platform, which is used to demonstrate Dell products and […]

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. In May, during the Berlin Pwn2Own hacking contest, researchers exploited a zero-day vulnerability chain called “ToolShell,” which enabled them to achieve remote code execution in Microsoft SharePoint. These flaws were fixed as […]

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Update 7/21/25: Added links to the security updates for Microsoft SharePoint 2019. Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. In May, Viettel Cyber Security researchers chained two Microsoft SharePoint flaws, CVE-2025-49706 and […]

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency […]

Popular npm linter packages hijacked via phishing to drop malware

Popular JavaScript libraries were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. The npm package eslint-config-prettier, downloaded over 30 million times weekly, was compromised after its maintainer fell victim to a phishing attack. Another package eslint-plugin-prettier from the same maintainer was also targeted. The attacker(s) used […]

ChatGPT”s GPT-5-reasoning-alpha model spotted ahead of launch

GPT-5 might be just a few days or weeks away, as we’ve spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13. As spotted on X, OpenAI is testing a model called “gpt-5-reasoning-alpha-2025-07-13.” This model was finalised on the 13th of July, and it appears to be the final round of testing. “Models: openai/gpt-5-reasoning-alpha-2025-07-13: reasoning_effort: high,” one […]

New CrushFTP zero-day exploited in attacks to hijack servers

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. CrushFTP is an enterprise file transfer server used by organizations to securely share and manage files over FTP, SFTP, HTTP/S, and other protocols. According to CrushFTP, threat […]