Author: We Fix PC

Grafana Labs is warning of a maximum severity vulnerability (CVE-2025-41115) in its Enterprise product that can be exploited to treat new users as administrators or for privilege escalation. The issue is only exploitable when SCIM (System for Cross-domain Identity Management) provisioning is enabled and configured. Specifically, both ‘enableSCIM’ feature flag and ‘user_sync_enabled’ options must be […]

Update November 21, 12:04 EST: Story updated with information from hackers. American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. However, the company noted that its systems were not breached as a result of this […]

Two British teenagers have denied charges related to an investigation into the breach of Transport for London (TfL) in August 2024, which caused millions of pounds in damage and exposed customer data. Believed to be members of the Scattered Spider hacking collective, 19-year-old Thalha Jubair from east London and 18-year-old Owen Flowers from Walsall were arrested at their homes […]

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. Since 2022, the malware has been delivered to victims through multiple methods that include spearphishing, supply-chain compromise, and watering hole attacks. Campaign evolution From November 2022 until at least September 2025, APT24 […]

Data from Italy’s national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization’s IT services provider, Almaviva. The hacker claims to have stolen 2.3 terabytes of data and leaked it on a dark web forum. According to the threat actor’s description, the leak includes confidential documents and sensitive company information. […]

Malicious scanning activity targeting Palo Alto Networks GlobalProtect VPN login portals has increased 40 times in 24 hours, indicating a coordinated campaign. Real-time intelligence company GreyNoise reports that activity began climbing on November 14 and hit its highest level in 90 days within a week. “GreyNoise has identified a significant escalation in malicious activity targeting Palo Alto […]

Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted that this doesn’t stem from a vulnerability in its customer relationship management (CRM) platform since all evidence points to the malicious activity being related to the app’s external connection […]

American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. Tracked as CVE-2025-40601, this denial-of-service vulnerability is caused by a stack-based buffer overflow impacting Gen8 and Gen7 (hardware and virtual) firewalls. “A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows […]