Security News

Emergency patch for potential SAP zero-day that could grant full system control
2025-04-25 15:31

German software giant paywalls details, but experts piece together the clues SAP's latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been...

Marks & Spencer pauses online orders after cyberattack
2025-04-25 15:05

British retailer giant Marks & Spencer (M&S) has suspended online orders while working to recover from a recently disclosed cyberattack. [...]

Mobile provider MTN says cyberattack compromised customer data
2025-04-25 14:57

African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. [...]

Windows "inetpub" security fix can be abused to block future updates
2025-04-25 14:23

A recent Windows security update that creates an 'inetpub' folder has introduced a new weakness allowing attackers to prevent the installation of future updates. [...]

Baltimore City Public Schools data breach affects over 31,000 people
2025-04-25 14:06

​Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network. [...]

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
2025-04-25 14:05

North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor...

SAP fixes suspected Netweaver zero-day exploited in attacks
2025-04-25 13:01

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. [...]

SAP fixes critical Netweaver flaw exploited in attacks
2025-04-25 13:01

SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. [...]

Cryptocurrency Thefts Get Physical
2025-04-25 11:07

Long story of a $250 million cryptocurrency theft that, in a complicated chain events, resulted in a pretty brutal kidnapping.

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
2025-04-25 10:41

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.  "The exploitation is...