Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Why CTEM is the Winning Bet for CISOs in 2025

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access.
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities -

CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP

Headline

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

The Hacker News: Latest News