Anthropic’s 90% Automated Cyberespionage Claim Draws Industry Skepticism—and Practical Lessons for Defenders

Anthropic reports it detected and disrupted a large-scale cyberespionage operation attributed to Chinese-linked group GTG-1002, asserting that up to 90% of the activity was automated via Claude Code. While the allegation has generated attention, the security community has responded with caution, citing a lack of technical detail, unverifiable methodology, and limited evidence of novel tradecraft. …

Fortinet warns of active attacks exploiting FortiWeb CVE-2025-64446

Fortinet has confirmed broad, in-the-wild exploitation of a critical zero-day vulnerability in the FortiWeb web application firewall (WAF). Tracked as CVE-2025-64446, the flaw enables unauthenticated attackers to perform administrative actions by sending crafted HTTP(S) requests, resulting in a full authentication bypass. A fix shipped in FortiWeb 8.0.2 prior to public disclosure; the U.S. Cybersecurity and …

Protei Cyberattack Exposes DPI/SORM Vendor Risks for Global Telecom Operators

An extensive cybersecurity incident has reportedly hit international telecom solutions vendor Protei, with an unknown hacking group claiming to have compromised the company’s servers and exfiltrated around 182 GB of data, including years of internal email. The attack also involved a defacement of the official website, underscoring the growing cyber risks surrounding critical telecom equipment …

Aisuru IoT Botnet Hits Microsoft Azure with 15.72 Tbps DDoS Attack

The Microsoft Azure cloud platform has become the target of one of the most powerful distributed denial-of-service (DDoS) attacks reported in recent years. According to Microsoft, the peak traffic volume reached 15.72 Tbps, generated simultaneously from around 500,000 unique IP addresses. The campaign was attributed to the Aisuru botnet, a Turbo Mirai-class IoT botnet that …

Cloudflare Outage: How a ClickHouse Permission Change Triggered a Global Bot Management Failure

On 18 November 2025, Cloudflare, one of the world’s largest CDN and network security providers, experienced one of its most severe outages in recent years. The disruption affected Cloudflare’s global edge network and caused widespread downtime for websites and online services across multiple regions. According to Cloudflare CEO Matthew Prince, the root cause was not …

CVE-2025-9501: Critical W3 Total Cache Vulnerability Allows Unauthenticated RCE in WordPress

A newly disclosed flaw in the popular WordPress performance plugin W3 Total Cache exposes over a million websites to a critical remote code execution (RCE) risk. Tracked as CVE-2025-9501, the vulnerability allows attackers to execute arbitrary PHP code on the server without any authentication, using nothing more than a specially crafted comment. What is CVE-2025-9501 …

WhatsApp Phone Number Enumeration Exposes 3.5 Billion User Accounts

Researchers from the University of Vienna have demonstrated how a legitimate feature in WhatsApp can be turned into a powerful tool for mass data scraping. By abusing the platform’s phone-number search capability, the team was able to confirm the existence of more than 3.5 billion active WhatsApp accounts, making this one of the largest documented …

Google Eases Android Developer Verification and Introduces Advanced Mode for Sideloading

Google is revising its planned Android Developer Verification program after community pushback, adding simplified accounts for small developers and an Advanced Mode (advanced flow) that allows experienced users to install unverified apps from third-party sources with stronger, explicit risk prompts. ADB-based installs from a connected computer will remain available, and Google previously committed to free …

Checkout.com Confirms Data Breach: ShinyHunters Exploit Legacy Cloud Storage

Global payments provider Checkout.com has disclosed a security incident following unauthorized access to a deprecated third-party cloud file repository. The threat actor, identified as ShinyHunters, demanded a ransom that the company says it has declined to pay. Instead, Checkout.com announced investments of comparable value in cybersecurity research at Carnegie Mellon University and the Oxford Centre …

Sneaky2FA Uses Browser-in-the-Browser Phishing to Bypass 2FA in Microsoft 365

A popular phishing-as-a-service kit known as Sneaky2FA has added support for browser-in-the-browser (BitB) attacks, dramatically improving its ability to hijack corporate accounts. By convincingly imitating single sign-on (SSO) login windows, the service can steal not only usernames and passwords, but also live session tokens, effectively bypassing two-factor authentication (2FA) and multi-factor authentication (MFA). Sneaky2FA is …