Low-Privilege Code Execution Risk Found in Cato Networks Client for macOS
A critical security flaw (CVE-2025-3886) in Cato Networks’ macOS Client has been disclosed, enabling local attackers to escalate privileges and execute arbitrary code with...
Hackers Deceive Tenants into Redirecting Rent Payments to Fraudulent Accounts
A newly identified financially motivated threat actor, tracked as TA2900 by Proofpoint, has launched a series of business email compromise (BEC) campaigns targeting tenants...
New WordPress Anti-Malware Plugin Grants Hackers Full Website Control
A newly discovered malware variant, camouflaged as a seemingly legitimate WordPress anti-malware plugin, has been granting threat actors full administrative control over targeted websites,...
Microsoft Telnet Server Flaw Lets Attackers Bypass Guest Login Restrictions
Security researchers have disclosed a series of high-risk vulnerabilities in Microsoft Telnet Server, specifically targeting the NTLM authentication mechanism within the Microsoft Telnet Authentication...
Ruby on Rails Flaw Enables Bypass of CSRF Protections
A longstanding vulnerability in Ruby on Rails’ cross-site request forgery (CSRF) protections has resurfaced, as security researchers have demonstrated that all current versions, as...
