Risk
-
Denmark blames Russia for destructive cyberattack on water utility, names hacker groups
Denmark’s Defence Intelligence Service accused Russia of directing cyberattacks against Danish critical infrastructure, naming Z-Pentest and NoName057(16), and said the activity formed part of a Russian hybrid campaign that has used elections to attract attention.
-
UEFI firmware flaw leaves early-boot DMA protections uninitialized on multiple motherboards
A firmware flaw affecting ASRock, ASUS, GIGABYTE and MSI motherboards can leave IOMMU uninitialized during early boot, allowing DMA-capable PCIe devices with physical access to read or modify system memory; four CVEs have been assigned and vendors have released firmware updates.
-
University of Sydney says coding repository breach exposed personal data of more than 27,000
The University of Sydney said an online coding repository was breached, exposing files with personal information for more than 27,000 current and former staff and students. The university blocked access, notified regulators, began notifying affected people and set up support services, but said there was no evidence the data has been published or misused.
-
HPE fixes critical OneView flaw rated CVSS 10.0 that allows remote code execution
Hewlett Packard Enterprise has fixed a CVSS 10.0 vulnerability in OneView (CVE-2025-37164) that could allow unauthenticated remote code execution; patches, version 11.00 and hotfixes for earlier releases, are available and should be applied promptly.
-
CISA adds critical ASUS Live Update flaw to known exploited vulnerabilities catalog
CISA added a critical ASUS Live Update vulnerability, CVE-2025-59374 (CVSS 9.3), to its Known Exploited Vulnerabilities catalog citing active exploitation; the flaw stems from a past supply chain compromise and vendors say affected builds were limited to devices meeting specific targeting conditions.
-
SonicWall issues patch for actively exploited SMA 100 series privilege escalation bug
SonicWall released fixes for CVE-2025-40602, a local privilege escalation in SMA 100 series appliances that has been actively exploited; the flaw was reportedly used with CVE-2025-23006 to achieve unauthenticated root code execution, and users are urged to apply patches promptly.
-
China-linked Ink Dragon group targets European government networks, Check Point says
Check Point Research says a China-linked hacking cluster known as Ink Dragon has focused on European government targets since July 2025, using web shells, ShadowPad relays and modular tooling including FINALDRAFT to maintain stealthy, long-term access across multiple regions.
-
Amazon says it disrupted GRU-linked campaign that targeted misconfigured edge network devices
Amazon says it disrupted a years-long campaign attributed to the Russian GRU that shifted from exploiting software flaws to targeting misconfigured edge devices on customer cloud infrastructure, and that it has protected affected EC2 instances, notified customers and shared intelligence.
-
Texas sues five TV makers over alleged secret collection of viewing data
Texas Attorney General Ken Paxton sued Sony, Samsung, LG, Hisense and TCL, alleging their smart TVs used Automated Content Recognition to capture and transmit viewing data without consent; Paxton’s office also warned of national security risks tied to China-based companies.
-
New ‘SantaStealer’ infostealer marketed on forums
Rapid7 researchers said a new malware-as-a-service infostealer called SantaStealer is being marketed on Telegram and forums, offers subscription plans, includes multiple data-theft modules and appears to have leaked samples that undermine claims of stealth.
