W3 Total Cache PoC Published, Putting Millions of WordPress Sites at Risk
A proof-of-concept (PoC) exploit has been released for CVE-2025-9501, a critical command-injection vulnerability in W3 Total Cache, one of the most widely used caching plugins for WordPress. With over 1 [...]
Threat Actors Exploit WhatsApp to Stealthily Gather User Data
A new malware campaign is actively targeting users in Brazil, using WhatsApp as the primary channel to deliver banking trojans and steal sensitive data. The operation combines social engineering, browser [...]
Gainsight Breach Exposes Data from 200+ Organizations
Salesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised OAuth tokens used by Gainsight-published applications. The breach, identified in mid-November 2025, may have exposed [...]
CISA Alerts Organizations to Oracle Identity Manager RCE Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly identified Oracle vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. [...]
Hackers Use Matrix Push C2 for Malware and Browser Phishing
A new command-and-control system called Matrix Push C2 has become a major threat to users on all operating systems. This tool uses normal web browser features to deliver malware and [...]
Get Social