News
-
Command injection in legacy D-Link DSL routers tracked as CVE-2026-0625 and actively exploited
A security advisory warns of an active command injection vulnerability, CVE-2026-0625, in several end-of-life D-Link DSL routers. Vendors recommend retiring affected models and replacing them with supported devices.
-
Two Chrome extensions exfiltrated ChatGPT and DeepSeek conversations from 900,000 users
A technical analysis by OX Security found two malicious Chrome extensions that collected ChatGPT and DeepSeek conversations and tab URLs from about 900,000 users and sent the data to external servers on a regular schedule.
-
Unpatched TOTOLINK EX200 firmware flaw can start unauthenticated root telnet
A CERT/CC advisory disclosed CVE-2025-65606 in the TOTOLINK EX200 that can trigger an unauthenticated root telnet service. The vendor has not issued a patch and the product appears unsupported.
-
PHALT#BLYX campaign uses fake Booking emails and BSoD lures to deliver DCRat
PHALT#BLYX used fake Booking.com reservation emails and a bogus blue screen lure in late December 2025 to deliver the DCRat remote access trojan to European hospitality systems.
-
Palo Alto Networks in talks to buy Israeli cybersecurity startup Koi for about $400 million
Palo Alto Networks is reported to be in talks to buy Israeli startup Koi for about $400 million. Koi, founded in 2024 and backed with $48 million, offers an AI driven supply chain security platform that protects over 500,000 endpoints.
-
Cisco in advanced talks to buy Axonius for $2 billions
Cisco is in advanced talks to acquire Israeli cybersecurity firm Axonius for $2 billion, according to a Calcalist report. Axonius was previously valued at $2.6 billion and has raised about $700 million.
-
Cyber incident forces two day closure at Warwickshire school
A cyber incident shut down IT at Higham Lane School in Nuneaton, cutting phones, email and servers and forcing a two day closure. Recovery work involves a Department for Education response team and trust IT experts.
-
UK launches Government Cyber Action Plan with £210 million pledge
The UK launched a Government Cyber Action Plan with a £210 million pledge to create a Government Cyber Unit and new cyber profession while aligning departments with critical infrastructure security requirements to strengthen public sector defences.
-
Critical path traversal in @adonisjs/bodyparser allows arbitrary file writes
A critical path traversal in the @adonisjs/bodyparser npm package tracked as CVE-2026-21440 with CVSS 9.2 can permit arbitrary file writes. Patches are available in versions 10.1.2 and 11.0.0-next.6
-
Critical n8n flaw CVE-2025-68668 allows authenticated command execution on host
A critical sandbox bypass in the n8n Python Code Node, tracked as CVE-2025-68668 and rated CVSS 9.9, allows authenticated workflow authors to execute OS commands on hosts. The issue is fixed in n8n 2.0.0.
