Latest Internet & Cybersecurity News
Over 10,000 Zimbra Servers Exposed to Persistent XSS Threats
More than 10,500 unpatched Zimbra Collaboration Suite instances worldwide remain vulnerable to CVE-2025-48700, enabling unauthenticated attackers to execute arbitrary JavaScript and access sensitive data. Primarily affecting servers in Asia (3,794) and Europe (3,793), CISA added it to its KEV catalog on April 21 due to active exploitation and mandated federal agencies to patch by April 23.
APT28 exploited a related XSS flaw in phishing attacks on Ukrainian entities.
CISA, FBI Alert on Chinese Volt Typhoon Botnet Targeting Critical Infrastructure
US FBI, CISA, and partners issued a joint advisory on a massive botnet of compromised SOHO routers and IoT devices run by China-linked Volt Typhoon actors. The network targets critical infrastructure sectors with covert operations.
Agencies provided defense recommendations against such threats.
Tennessee Hacker Sentenced for Supreme Court E-Filing Breaches
Nicholas Moore, 25, received 12 months probation after pleading guilty to using stolen credentials to access the US Supreme Court’s e-filing system 25 times, plus AmeriCorps and VA systems. He posted screenshots online to impress others rather than for financial gain.
France Titres ANTS Portal Breach Exposes Millions of User Records
A security breach at France's passport and driver’s license agency exposed data of millions, with a threat actor selling 19 million records including names, birth dates, and account IDs on hacking forums. The incident affects the ANTS portal.
US Accused of Exploiting Backdoors to Disable Iranian Infrastructure
Iranian media claims US triggered simultaneous failures in Cisco, Juniper, Fortinet, and MikroTik equipment in Isfahan via pre-installed backdoors or supply chain compromises, even when offline. Outages occurred during an attack despite disconnection from the internet.
Europe Watchdogs Warn of Escalating Cyber Threats Driven by AI
Europe's securities regulator chief highlighted growing risks and speed of cyberattacks accelerated by AI, echoing financial sector warnings. This underscores rising cyber vulnerabilities amid technological advances.
Enterprises in Asia Pacific Face Industrial-Scale Cybercrime
Cybercriminal networks in Asia Pacific operate like enterprises with specialized roles, targeting home routers, endpoints, SaaS, and cloud via coordinated attacks. Over 60% of enterprises face IT disruptions from regulations on data privacy, cybersecurity, and AI.
Defenses must match with intelligence sharing and hygiene.
US Federal Agency Cisco Firewall Infected with Firestarter Backdoor
A US federal agency's Cisco firewall was compromised by the 'Firestarter' backdoor malware, highlighting persistent supply chain risks.
Bitwarden NPM Package Hit in Supply Chain Attack
A Bitwarden NPM package suffered a supply chain attack, potentially exposing users to malicious code in dependencies.
Vulnerabilities Patched in CrowdStrike and Tenable Products
CrowdStrike and Tenable released patches for newly disclosed vulnerabilities in their cybersecurity products.
Locked Shields 2026: 41 Nations Participate in Largest Cyber Exercise
The Locked Shields 2026 exercise saw 41 nations collaborate to bolster cyber resilience against evolving threats.