Resupply, a decentralized finance (DeFi) protocol, has confirmed an exploit in its wstUSR market. According to the project’s statement post on social media network X (formely Twitter), the affected smart contract has been identified and immediately paused. No other markets or protocol functions appear to have been impacted. Resupply has experienced an exploit in the

Continue Reading

Hawaiian Airlines, a large commercial airlines, is actively responding to a cybersecurity incident that has impacted parts of its internal IT systems. Despite the disruption, the airline has confirmed that all flights are operating on schedule, and guest travel remains unaffected. The airline first disclosed the incident earlier today via official statements and social media,

Continue Reading

Recent activity indicates a significant increase in scanning and exploitation attempts against Progress Software’s MOVEit Transfer platform, a widely used file-sharing solution used globally. Over the past three months, cybersecurity researchers have observed a sustained surge in malicious activity, suggesting that threat actors are actively probing for vulnerabilities in this widely used file-sharing solution. This

Continue Reading

Recent security disclosures have highlighted serious vulnerabilities in two widely used enterprise networking solutions: Citrix’s NetScaler ADC and Cisco’s Identity Services Engine (ISE). These flaws pose significant risks, including potential system disruptions and unauthorized access, prompting urgent updates from both vendors. Critical Flaw in NetScaler ADC Citrix has released an advisory regarding a severe security

Continue Reading

Recent security research has uncovered significant risks associated with misconfigured or overly privileged containers running in Amazon Elastic Kubernetes Service (EKS). These misconfigurations can expose sensitive AWS credentials, leading to potential privilege escalation, data breaches, and unauthorized access within cloud environments. Overprivileged Containers Kubernetes has become the backbone of modern cloud applications, enabling automation in

Continue Reading

A significant cryptographic flaw has been uncovered in Meshtastic, a widely used open-source project that enables secure, off-grid communication through LoRa mesh networks. This vulnerability exposes affected devices to potential decryption of private messages, unauthorized node control, and network hijacking. Meshtastic is designed to facilitate decentralized, private communication in environments where traditional networks are unavailable—such

Continue Reading

A newly discovered security vulnerability in OpenVPN’s Windows driver has raised alarms within the tech community. The flaw exposes systems running certain versions of OpenVPN to denial-of-service (DoS) attacks, potentially causing affected Windows machines to crash. The vulnerability, designated as CVE-2025-50054, exists within OpenVPN’s ovpn-dco-win driver, a component responsible for handling the VPN’s data channel

Continue Reading

CoinMarketCap, a leading cryptocurrency price tracking site, was recently targeted in a supply chain attack that exposed visitors to a wallet-drainer scam. The attack tricked users into connecting their cryptocurrency wallets, leading to the theft of funds. Earlier this year in January, visitors to CoinMarketCap’s homepage began seeing pop-up prompts asking them to connect their

Continue Reading