CrushFTP, which providers customers with secure file server software, has been hit with a 0-day vulnerability that leaves thousands of servers open to attack.

Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Microsoft released an emergency security patch on Sunday to “mitigate active attacks targeting on-premises servers.”

Researchers have known for almost a decade that threat actors sometimes use DNS records to host malicious PowerShell scripts. DomainTools also found that technique in use—in the TXT records for the domain 15392.484f5fa5d2.dnsm.in.drsmitty [.]com. The hexadecimal method, which was recently described in a blog post, isn’t as well-known.

Those on resettlement scheme offered up to £20,000 per person by migrants to falsely list them as family members for evacuation

A cyberattack on Microsoft SharePoint servers has raised security concerns globally, with experts suggesting a single threat actor behind the assault. Microsoft issued a security alert, confirming SharePoint Online remains unaffected,

CrushFTP flaw CVE-2025-54309 exploited in wild, giving attackers admin access. Older builds before July 1 are at high risk

Scammers are now using online gambling sites to prey on Filipino victims by luring them with promises of quick returns.