This week's security landscape was dominated by critical vulnerabilities requiring immediate attention and significant breach disclosures. High-severity CVEs across major enterprise platforms underscore the persistent need for rigorous patch management.
Top Security Stories
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as ...
Source: thehackernews.com
Chinese state hackers use rootkit to hide ToneShell malware activity
A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations. [...]
Source: bleepingcomputer.com
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code...
Source: thehackernews.com
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension,...
Source: thehackernews.com
Hackers drain $3.9M from Unleash Protocol after multisig hijack
The decentralized intellectual property platform Unleash Protocol has lost around $3.9 million worth of cryptocurrency after someone executed an unauthorized contract upgrade that allowed asset withdr...
Source: bleepingcomputer.com
European Space Agency Confirms Breach After Hacker Offers to Sell Data
The European Space Agency is conducting an investigation and says external science servers have been compromised.
Source: securityweek.com
Korean Air Data Compromised in Oracle EBS Hack
Roughly 30,000 Korean Air employees had their data stolen by hackers in a breach at former subsidiary KC&D.
Source: securityweek.com
Coupang to split $1.17 billion among 33.7 million data breach victims
Coupang, the largest retailer in South Korea, announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers whose information was exposed in the data breach discovered...
Source: bleepingcomputer.com
Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000
It took Sax well over a year to complete its investigation after detecting hackers on its network.
Source: securityweek.com
⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More
Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day behave in unexpected ways. Old flaws resurfaced. Ne...
Source: thehackernews.com
Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak
A hacker named Lovely made public 2.3 million records representing Wired subscriber information.
Source: securityweek.com
Hacker claims to leak WIRED database with 2.3 million records
A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million addi...
Source: bleepingcomputer.com
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code
Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that led to the loss of approximately $7 million. The issu...
Source: thehackernews.com
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14847 MongoDB and MongoDB Server Improper Handling of Leng...
Source: cisa.gov
Fresh MongoDB Vulnerability Exploited in Attacks
Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers.
Source: securityweek.com
Critical Vulnerabilities (CVEs)
| CVE ID | CVSS Score | Description |
|---|---|---|
| CVE-2025-13915 | 9.8 | IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized acces... |
| CVE-2025-68668 | 9.9 | n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node ... |
| CVE-2025-68932 | 9.8 | FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptographically weak random number generators (mt_rand() an... |
| CVE-2025-15165 | 7.3 | A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustome... |
| CVE-2025-15166 | 7.3 | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edi... |