Iranian attackers recently manipulated a small U.S. water-treatment station simply by logging in with the factory-set password “1111”. The incident led CISA to repeat years-old advice: default credentials remain one of the most abused weaknesses in operational-technology (OT) and IoT environments. Default passwords survive because they simplify initial set-up and bulk provisioning, yet they invite […]

Veeam rushes out fix for critical backup flaw Veeam has issued updates for Backup & Replication after researchers from CODE WHITE and watchTowr disclosed CVE-2025-23121, a remote-code-execution bug scored 9.9/10.0 on the CVSS scale. The flaw affects every Version 12 build up to 12.3.1.1139 and lets an authenticated Windows domain user run arbitrary code on […]

New Linux Bugs Give Attackers Instant Root – Patch Now Security firm Qualys has revealed two local-privilege-escalation bugs that, when chained, let any logged-in user on most Linux distributions become root in seconds. • CVE-2025-6018 sits in the PAM configuration shipped with openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing a normal user to […]

Russian Hackers Use Gmail App Passwords to Beat 2FA Russian state-linked group APT29 (UNC6293) is using Google “application-specific passwords” (ASPs) to sidestep two-factor authentication on Gmail accounts. Posing as U.S. State Department officials, the attackers court academics and Kremlin critics over several weeks, then send a PDF instructing victims to generate a 16-digit ASP and […]

Chrome zero-day (CVE-2025-2783) exploited to plant ‘Trinper’ back-door A critical bug in Google Chrome, now fixed, was weaponised earlier this year by a little-known threat group called TaxOff. The flaw, tracked as CVE-2025-2783, allowed attackers to break out of Chrome’s sandbox and install a bespoke back-door dubbed Trinper. A slick phishing hook Victims first received […]

Threat actors increasingly exploit “orphaned” Active Directory (AD) service accounts logins originally created for legacy apps, test scripts or scheduled tasks that remain active with non-expiring passwords. Because these machine accounts sit outside normal user-lifecycle reviews, they often escape audits and accumulate dangerous permissions. An early-2024 botnet campaign against Microsoft 365 showed how attackers can […]

Cyber-security experts warn that tens of thousands of British firms may already have hackers lurking undetected inside their systems. The shift to “ransomware-as-a-service” means criminal groups such as DragonForce rent out powerful attack tools, letting less-skilled crooks keep 80 % of any ransom while the developers take a cut. Evidence of DragonForce has been found […]

HPE rushes out patch for critical StoreOnce backup flaw Hewlett Packard Enterprise has issued patches for eight vulnerabilities in its StoreOnce backup and deduplication appliances. The worst, CVE-2025-37093 (CVSS 9.8), lets remote attackers bypass authentication on any version prior to StoreOnce 4.3.11. Zero Day Initiative says the flaw sits in the machineAccountCheck method. Once inside, […]

Google unmasks ‘UNC6040’ vishing gang targeting Salesforce users Google’s Threat Intelligence Group (GTIG) has unmasked UNC6040, a financially-driven gang that runs English-language voice-phishing (vishing) campaigns. Posing as IT support staff, callers persuade employees to install or approve a doctored version of Salesforce’s Data Loader. Once authorised, the tool siphons corporate Salesforce data, after which the […]