Explore

Log4Shell Vulnerability Persists, Affecting Millions of Systems Worldwide

Log4Shell Vulnerability Persists, Affecting Millions of Systems Worldwide

A recent report by Infosecurity Magazine reveals that 40 million instances of Log4j, a widely used logging library, remain vulnerable to the Log4Shell exploit, four years after its discovery. This vulnerability, which allows remote code execution, continues to pose a significant security risk. The report highlights that India, China, Japan, and the U.S. are the top countries with the most downloads of the vulnerable software. Despite the availability of fixes, many systems remain unpatched due to issues like set-and-forget dependencies and inadequate guidance from software composition analysis tools.

Freedom Chat App Security Flaws Expose User Data, Prompting Urgent Fixes

Freedom Chat App Security Flaws Expose User Data, Prompting Urgent Fixes

The messaging app Freedom Chat, which launched in June, has addressed significant security vulnerabilities that exposed users' phone numbers and PINs. Security researcher Eric Daigle discovered these flaws, which allowed unauthorized access to sensitive user information. The app's founder, Tanner Haas, confirmed that user PINs have been reset and a new version of the app has been released to address these issues. The vulnerabilities were reported to TechCrunch, as Freedom Chat lacks a public vulnerability disclosure program. The flaws included the ability to guess users' phone numbers and the exposure of PINs in public channels, potentially allowing unauthorized access to the app on stolen devices.

Chrome Targeted by Active Exploit Linked to High-Severity Flaw

Chrome Targeted by Active Exploit Linked to High-Severity Flaw

Google has released security updates for its Chrome browser to address three vulnerabilities, including one actively exploited in the wild. The high-severity flaw, tracked under Chromium issue ID '466192044', involves a buffer overflow vulnerability in the ANGLE library's Metal renderer. This flaw could lead to memory corruption or arbitrary code execution. Google has withheld specific details about the CVE identifier and the threat actor involved to prevent further exploitation. Users are advised to update their Chrome browsers to the latest versions to mitigate potential risks.

Log4Shell Vulnerability Persists with 40 Million Downloads in 2025

Log4Shell Vulnerability Persists with 40 Million Downloads in 2025

Sonatype has reported that 13% of Log4j versions downloaded in 2025 were vulnerable to the critical Log4Shell bug. This vulnerability, which has been a significant concern in cybersecurity circles, continues to pose risks as it is still being downloaded extensively. The Log4Shell bug, first identified in 2021, allows attackers to execute arbitrary code on affected systems, making it a severe threat to data security. Despite efforts to patch and secure systems, the continued download of vulnerable versions indicates ongoing challenges in cybersecurity management and awareness.

React2Shell Vulnerability Exploitation Surges, Affecting Over 50 Organizations

React2Shell Vulnerability Exploitation Surges, Affecting Over 50 Organizations

A critical vulnerability known as React2Shell in React Server Components has led to a surge in cyberattacks, affecting more than 50 organizations globally. The Cybersecurity and Infrastructure Security Agency has expedited the deadline for patching the vulnerability to mitigate risks. The vulnerability, identified as CVE-2025-55182, has been exploited by various threat actors, including nation-state attackers and cybercriminals. The attacks have targeted organizations across multiple sectors, including financial services, technology, and government. The vulnerability affects several React frameworks and bundlers, making it a widespread issue. Security experts have compared the React2Shell defect to the Log4Shell exploit, noting its potential for significant impact.

Petco Takes Down Vetco Website Following Customer Data Exposure

Petco Takes Down Vetco Website Following Customer Data Exposure

Petco has temporarily taken its Vetco Clinics website offline after a security lapse exposed customer data. The breach allowed public access to sensitive information, including medical histories and personal details of Vetco customers and their pets. TechCrunch discovered the vulnerability, which involved an insecure direct object reference (IDOR) flaw, allowing access to customer records by altering web addresses. Petco confirmed the breach and is investigating, but has not disclosed the extent of data extraction. This incident marks Petco's third data breach in 2025, following previous breaches involving customer data hosted on Salesforce and another due to a software setting error.

SRAM-Based Gaussian Noise Generation Enhances Post-Quantum Cryptography Security

SRAM-Based Gaussian Noise Generation Enhances Post-Quantum Cryptography Security

A new study explores the use of SRAM-based Gaussian noise generators to enhance the security of post-quantum cryptography (PQC) systems. The research highlights how SRAM modules can generate Gaussian-distributed noise, which is crucial for lattice-based and code-based encryption schemes. This hardware-driven approach reduces computational overhead and leverages the intrinsic stochastic behavior of SRAM devices to improve cryptographic security. The study provides a detailed analysis of the SRAM initialization process and the statistical properties of the generated noise, confirming its Gaussian characteristics and suitability for PQC applications.

DeadLock Ransomware Uses Vulnerable Driver Technique to Evade Detection

DeadLock Ransomware Uses Vulnerable Driver Technique to Evade Detection

The DeadLock ransomware has been employing a technique known as Bring Your Own Vulnerable Driver (BYOVD) to enhance its stealth capabilities. This method involves exploiting a vulnerability in a Baidu Antivirus driver, tracked as CVE-2024-51324, to disrupt endpoint detection services. Once the driver is exploited, a PowerShell script is executed, enabling privilege escalation and the takedown of security and backup systems. The ransomware then performs file encryption using a custom stream cipher, while avoiding critical Windows directories to facilitate ransom negotiations. Researchers recommend multi-factor authentication and robust endpoint defenses to mitigate the threat.

CISA Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-6218

CISA Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-6218

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the WinRAR file archiver, identified as CVE-2025-6218, to its Known Exploited Vulnerabilities catalog. This path traversal bug, which has a CVSS score of 7.8, allows for code execution if a user opens a malicious file or visits a compromised webpage. The vulnerability affects only Windows-based versions of WinRAR and was patched in June 2025 with the release of WinRAR 7.12. Despite the patch, the flaw is being actively exploited by threat groups such as GOFFEE, Bitter, and Gamaredon. These groups have used the vulnerability to conduct espionage and sabotage operations, including phishing campaigns targeting Ukrainian entities.

React2Shell Vulnerability Exploited by Cybercriminals, Impacting Numerous Organizations

React2Shell Vulnerability Exploited by Cybercriminals, Impacting Numerous Organizations

A critical vulnerability in the React library, known as React2Shell, is being actively exploited by cybercriminals. This vulnerability, officially tracked as CVE-2025-55182, affects systems using React version 19, particularly those with React Server Components. The flaw allows for unauthenticated remote code execution through specially crafted HTTP requests. Major cybersecurity firms have reported a surge in attacks, with Chinese threat actors initially exploiting the vulnerability. The attacks have led to the delivery of various malware types, including cryptocurrency miners and cloud credential theft tools. Notably, North Korea-linked actors have used the vulnerability to deploy persistent access implants like EtherRAT. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, urging federal agencies to address it promptly.

Quantum Mechanics Enables Truly Random Number Generation for Secure Digital Applications

Quantum Mechanics Enables Truly Random Number Generation for Secure Digital Applications

Researchers have developed a method to generate truly random numbers using quantum mechanics, a breakthrough that could enhance digital security and fairness. The Colorado University Randomness Beacon (CURBy) is the world's first publicly accessible source of traceable, verifiable random numbers. This system leverages quantum entanglement, a phenomenon where particles become interconnected in such a way that the state of one instantly influences the state of another, regardless of distance. CURBy uses this principle to produce random numbers that are essential for secure digital communications, such as secure web connections and password generation. The randomness is verified through a distributed process involving multiple institutions, ensuring that no single entity can manipulate the outcome.

WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the WinRAR file archiver, identified as CVE-2025-6218, to its Known Exploited Vulnerabilities catalog. This path traversal bug, which affects Windows-based builds, allows attackers to execute code by tricking users into opening malicious files. Despite being patched in June 2025, the flaw is actively exploited by threat groups such as GOFFEE, Bitter, and Gamaredon. These groups have used the vulnerability in targeted attacks, including phishing campaigns against Ukrainian entities, to deploy malware and conduct espionage operations.