A new ransomware strain is actively targeting VMware ESXi systems through a previously disclosed security flaw, according to a recent report. Attackers exploit unpatched servers running virtual machines, enabling them to encrypt large numbers of workloads swiftly. By focusing on the hypervisor rather than individual machines, criminals aim for maximum operational disruption. Security researchers indicate […]
A series of unpatched security flaws in the PHP-based Voyager admin panel has left numerous websites vulnerable to remote code execution and privilege escalation attacks. These weaknesses centre on insufficient input sanitisation and inadequate access controls, potentially enabling attackers to manipulate website databases or execute arbitrary commands. Despite awareness of these issues, no official fixes […]
DeepSeek AI Exposes Over 1 Billion Personal Records Through Misconfigured Database Summary: A misconfigured database belonging to DeepSeek AI, a company specialising in artificial intelligence-driven data analysis, was recently found leaking over 1.1 billion personal records. These records appear to include names, email addresses, phone numbers, and other sensitive information sourced from both public and […]
Apple Issues Critical Updates to Address Actively Exploited Zero-Day in iOS, macOS, iPadOS, and watchOS Apple has released a series of urgent software updates to patch a critical zero-day vulnerability affecting iOS, macOS, iPadOS, and watchOS. According to Apple, the flaw (which it has confirmed is being actively exploited in the wild) could allow malicious […]
SonicWall has issued an urgent advisory concerning a critical security flaw in its Secure Mobile Access (SMA) 1000 Series appliances. The vulnerability, identified as CVE-2025-23006, carries a severity rating of 9.8 out of 10 on the CVSS scale, indicating its high potential impact. Nature of the Vulnerability The flaw stems from a pre-authentication deserialisation of […]
