This SmarterMail vulnerability allows Remote Code Execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Security Boulevard

Web Browsing’s Dark Side: Understanding Ransomware over Modern Web Browsers

Introduction As the world is more and more switched to the availability of the internet, web browsers act as portals to numerous services and data. However, such conveniences mean the existence of ...
MediaNama

Indian Army Revises Social Media Policy, Allows Passive Use Of X, Instagram, YouTube

The Indian Army has updated its social media use policy, allowing for passive use of X, YouTube, Instagram, but not comments ...
The Hacker News

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

My cultural awakening: a Turner painting helped me come to terms with my cancer diagnosis

Fear and feelings of intense vulnerability caused me to retreat into my shell, until I saw myself in an unlikely feature in one of the British master’s prints ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...