Featured Story

Hacker Selling Critical Roundcube Webmail Exploit as Tech Info Disclosed

A critical vulnerability (CVE-2025-49113) in Roundcube webmail—used widely across hosting platforms—has been discovered and is already being sold on hacking forums. The flaw, present in versions 1.1.0 through 1.6.10, allows remote code execution. Although patched on June 1st, attackers quickly reverse-engineered the fix and began weaponizing the exploit just days later.

Other Stories

Google Fixed the Second Actively Exploited Chrome Zero-Day This Year

Google addressed CVE-2025-5419—an out-of-bounds read/write vulnerability in the V8 engine—via an emergency patch on May 28. The flaw was exploited in the wild to corrupt memory using crafted HTML pages.

Cybersecurity Lessons from Maersk’s Former CISO

Adam Banks, ex-CISO of Maersk, shared insights from the 2017 NotPetya ransomware attack, which cost the company $700M and took 3 months to recover from. His key message: be prepared, or risk operational collapse.

Hacktivists and State-Sponsored Groups Target Manufacturing and OT Systems

Forescout reported a 71% increase in attacks on manufacturing, with 29 active threat actors in early 2025. Attackers use longer dwell times and legitimate cloud services to evade detection while targeting operational technology systems.

Fake Ads on Social Media: An Increasingly Common Trap

Fraudulent social ads now impersonate brands or former employees to promote fake offers and lure victims into scams. These often link to cloned sites that steal payment info or personal data.