Alerts
Gogs, a lightweight and self-hosted Git service commonly used as an alternative to GitHub Enterprise or GitLab, has become the focus of urgent U.S. federal cybersecurity action. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Gogs vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog,
Breaches
The Everest ransomware group has claimed responsibility for a significant cyber intrusion targeting Nissan Motor Co., Ltd., alleging the exfiltration of approximately 900GB of sensitive data from the Japanese automaker. What We Know So Far Everest posted alleged proof-of-compromise samples on underground forums, a tactic commonly associated with double-extortion ransomware
Alerts
Patch immediately. CVSS 10.0. A maximum-severity flaw in n8n allows unauthenticated attackers to fully compromise servers and access all connected systems including API keys, databases, and cloud services. Vulnerability Summary CVECVE-2026-21858Severity10.0 CRITICALAffectedn8n versions < 1.121.0ExploitedPoC availablePatchUpgrade to 1.121.0+ What's at Risk Attackers
Threats
A newly attributed China-nexus threat actor designated UAT-7290 has been conducting espionage operations against telecommunications providers in South Asia and organizations in Southeastern Europe since at least 2022. According to research published recently by Cisco Talos, the group employs a sophisticated multi-stage attack chain combining open-source tools, custom malware, and
Threats
Security researchers have uncovered evidence suggesting that threat actors speaking Chinese may have been exploiting serious vulnerabilities in VMware ESXi long before these flaws were publicly disclosed by the vendor. According to a new analysis by cybersecurity firm Huntress, a breach observed in December 2025 began with the compromise of
Threats
An Iran-linked threat actor known as MuddyWater has been linked to a newly identified spear-phishing campaign targeting diplomatic, maritime, financial, and telecommunications organizations across the Middle East. The operation deploys a Rust-based remote access trojan (RAT) dubbed RustyWater, signaling a continued evolution in the group’s malware development strategy. According
Alerts
A severe command injection vulnerability in end-of-life D-Link DSL gateway devices is being actively exploited by threat actors, with no patch forthcoming from the manufacturer. The Vulnerability Tracked as CVE-2026-0625 with a critical CVSS score of 9.3, the flaw exists in the dnscfg.cgi component responsible for handling DNS
Threats
Cyber-espionage group shifts tactics, using fake scientific library emails to infect individual researchers A cyber-espionage group known as ForumTroll has launched a new phishing campaign targeting Russian academics, marking the group’s return months after exploiting a Google Chrome zero-day vulnerability earlier in 2025. The attacks, detected in October 2025,
Breaches
Hudson Rock reports that several high-profile data breaches have been tied to a threat actor who gains entry into enterprise networks using stolen credentials. The actor, known as “Zestix” and also associated with the online persona “Sentap,” operates as an initial access broker (IAB). In addition to facilitating access, the