SHELBY malware: GitHub C2, data theft
Elastic Security Labs has discovered a complex malware campaign, REF8685, targeting Iraq's telecom sector. The campaign uses a new malware family, SHELBY, which exploits GitHub for command-and-control (C2), data exfiltration, [...]
Fake Snow White downloads spread malware to viewers
With no official streaming release for the new Snow White, many users are resorting to piracy, making them vulnerable to cyber threats. Veriti researchers uncovered a campaign where attackers distribute [...]
46 flaws: solar inverters open to attack
Forescout Vedere Labs found 46 vulnerabilities in solar inverters from Sungrow, Growatt, and SMA. Exploiting these flaws could disrupt power grids and compromise user privacy. Over 80% of solar vulnerabilities [...]
Cloudflare: password error, outage
Cloudflare's 1-hour outage, affecting services like R2 storage and Cache Reserve, was caused by a faulty credential rotation in the R2 Gateway service. All about the outage The outage occurred [...]
CrushFTP warns: unauthorized access via HTTP(S)
CrushFTP and Next.js face critical vulnerabilities, raising security concerns. Rapid7 warns these flaws could lead to data breaches and unauthorized access. All about the Vulnerability Next.js Vulnerability (CVE-2025-29927) A critical [...]
Get Social