Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible systems and execute arbitrary code.
The vulnerability, tracked as CVE-2025-49113, carries a CVSS score of 9.9 out of 10.0. It has been described as a case of post-authenticated remote code execution via

Headline

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

The Hacker News: Latest News