Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

GCHQ’s cyber security division has urged businesses to brace for Iranian cyber attacks after Britain backed the US-Israeli ...

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via ...

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA spokesperson told Cybersecurity Dive. CISA does not know of other CVEs ...

The Bottom Line is, Cybercrime is no longer just a matter of data breaches and hacked accounts. It is the fuel for a global ...

A recent Spirit Airlines passenger has left the internet clucking with laughter after bringing an “emotional support” ...

In an update on the RESURGE malware, CISA claims that the malicious software can remain latent on systems until a remote actor attempts to connect to the compromised device. Because of this, the ...

By AJ Vicens March 1 (Reuters) - A wave of cyber-enabled operations took place early Saturday morning alongside the joint U.S ...

Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They ...

A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge ...