The Shadowserver Foundation, a non-profit security organization, has identified a significant uptick in high-severity activities involving hosts performing HTTP-based scans across diverse networks worldwide. These activities often include attempts to detect and potentially exploit vulnerabilities in targeted systems. The report, originally developed as part of the EU Horizon 2020 SISSDEN Project and extended under the

Continue Reading

Recently, a security incident involving the unauthorized issuance of TLS certificates for 1.1.1.1, a widely used public DNS resolver, has come to light. Over nearly a year and a half, a Certificate Authority (Fina CA) issued twelve certificates for this IP address without proper authorization. While there’s no current evidence these certificates were exploited maliciously,

Continue Reading

In recent weeks, Cloudflare has been actively protecting its network from a surge of large-scale Distributed Denial of Service (DDoS) attacks. Security systems have autonomously identified and blocked hundreds of these malicious assaults, some reaching unprecedented volumes. One of the most significant attacks peaked at an astonishing 5.1 billion packets per second, and 11.5 terabits

Continue Reading

Jaguar Land Rover (JLR), the British automotive manufacturer known for its luxury vehicles including Range Rover, Discovery, and Jaguar’s line of elegant vehicles, recently disclosed a significant cyber incident affecting its global operations. In a statement on their official website, the company revealed that they proactively shut down their systems to mitigate the impact of

Continue Reading

A critical security vulnerability discovered by Patchstack cybersecurity researchers within the widely-used Paid Membership Subscriptions WordPress plugin has recently been patched. This flaw could have allowed cybercriminals to access sensitive website databases without any authentication. The Paid Membership Subscriptions plugin is a popular tool that helps website owners create membership sites and manage recurring subscriptions,

Continue Reading

New updates have been released for FreePBX, an open-source VoIP phone system managent platform. These updates include a critical security fix addressing a recently discovered vulnerability impacting certain configurations where the admin interface was exposed to the internet, and could have potentially allowed unauthorized access or control. This vulnerability, tracked as CVE-2025-57819, specifically affects the

Continue Reading

Hewlett Packard Enterprise (HPE) has released wa series of important security updates across its product range, addressing multiple vulnerabilities, including some with critical and high severity rating. Among the fixes are for the HP-UX PAM RADIUS component, versions 11i v3 prior to A.03.00.00. Multiple security issues could allow attackers to execute malicious code remotely or

Continue Reading