Vendors
-
Almaviva confirms data theft after hacker posts 2.3TB claimed to include FS Italiane files
A hacker has posted 2.3TB of data it says was taken from Almaviva, an IT services provider that works with FS Italiane Group; Almaviva confirmed a breach and an investigation is ongoing, while it is unclear whether passenger data or other clients are affected.
-
D-Link warns of remote command-execution flaws in end-of-life DIR-878 routers
D-Link has warned that multiple remotely exploitable command-execution vulnerabilities affect the end-of-life DIR-878 router; technical details and proof-of-concept code are publicly available and the company recommends replacing the device because it will not receive security updates.
-
Critical command injection flaw found in W3 Total Cache WordPress plugin
A critical unauthenticated command injection in the W3 Total Cache WordPress plugin (CVE-2025-9501) can allow PHP code execution via a malicious comment. The developer issued a patch in version 2.8.13 on Oct. 20, but hundreds of thousands of sites may still be unpatched; WPScan plans to publish a proof-of-concept on Nov. 24.
-
Active exploitation reported for 7‑Zip ZIP symbolic link vulnerability
NHS England Digital warned that CVE-2025-11001, a 7‑Zip vulnerability affecting symbolic link handling and allowing remote code execution, is being actively exploited; 7‑Zip 25.00 released in July 2025 contains fixes and users are urged to update.
-
Fortinet warns of FortiWeb OS command injection flaw CVE-2025-58034 exploited in the wild
Fortinet warned that CVE-2025-58034, a medium-severity OS command injection in FortiWeb with a CVSS score of 6.7, has been exploited in the wild; patches are available in specific FortiWeb releases and the company credited a Trend Micro researcher for the report.
-
Meta gives researchers a WhatsApp Research Proxy and tightens anti-scraping protections
Meta has given selected bug bounty researchers access to a WhatsApp Research Proxy and launched a pilot to study platform abuse, while adding anti‑scraping protections after a public report showed how contact discovery could be abused to enumerate accounts at scale. Meta also patched a Unity‑related vulnerability affecting Quest devices and said it has paid…
-
Researchers detail use of Tuoni C2 in attack on U.S. real-estate firm
Researchers said attackers used the Tuoni C2 framework in a mid-October 2025 intrusion attempt against a U.S. real-estate firm, employing social engineering, PowerShell downloaders, BMP steganography and in-memory execution; the campaign was detected and blocked.
-
Cloudflare investigates global outage causing widespread 500 errors
Cloudflare is investigating a global outage that caused widespread 500 errors and dashboard/API failures; multiple European nodes and tens of thousands of user reports were affected while Cloudflare works on mitigation and some services show signs of recovery.
-
Google issues Chrome security update for actively exploited V8 bug
Google released Chrome updates to fix two V8 type confusion vulnerabilities, including CVE-2025-13223 which is being actively exploited; users should update to the listed Chrome versions and other Chromium-based browser vendors should apply fixes when available.
-
Malicious npm packages use Adspect redirects and fingerprinting to cloak crypto scams
Seven npm packages published under the name ‘dino_reborn’ used Adspect redirects and browser fingerprinting to route real visitors to fake cryptocurrency CAPTCHA scams while showing decoys to likely researchers, Socket researchers found.
