Opinion – China’s Expanding Security Footprint in Africa
The trajectory of China as a long-term player in Africa’s security will be shaped by both its global ambitions and the continent’s own agency.
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021–2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the […]
Microsoft Will Finally Kill an Encryption Cipher That Enabled a Decade of Windows Hacks
The weak RC4 for administrative authentication has been a hacker holy grail for decades.
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability, tracked as CVE-2025-59718 (CVSS Score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), […]
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations
A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cyberattack over the weekend that disrupted export operations. The company says the incident only affected some administrative systems and did not impact operations. “Thanks to the expertise […]
SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users
SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters.
Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities
Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities.
Hackers are exploiting critical Fortinet flaws days after patch release
Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), in Fortinet products days after patch release, Arctic Wolf warns. Last week, Fortinet addressed 18 vulnerabilities, including the two flaws […]
JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices
A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw.
Armed attack in Southeast Iran kills four
In an armed clash between militants and law enforcement forces at a checkpoint in Fahraj County, Kerman Province, southeastern Iran, three security and law enforcement personnel and one civilian were killed.