Tag: Internet
-
59,000 Servers Breached: Operation PCPcat Targets React and Next.js at Internet Scale
A large-scale cyber espionage operation known as Operation PCPcat has shaken the modern web infrastructure, compromising more than 59,000 servers in just 48 hours. The campaign targets systems built on React frameworks, including widely deployed Next.js and React Servers, and has already resulted in the theft of hundreds of thousands of credentials. First seen on thecyberexpress.com Jump to…
-
NDSS 2025 Detecting SDN Control Policy Manipulation Via Contextual Semantics Of Provenance Graphs
Tags: attack, conference, control, data, detection, framework, guide, Internet, monitoring, network, software, vulnerabilitySession 7A: Network Security 2 Authors, Creators & Presenters: Ziwen Liu (Beihang University), Jian Mao (Beihang University; Tianmushan Laboratory; Hangzhou Innovation Institute, Beihang University), Jun Zeng (National University of Singapore), Jiawei Li (Beihang University; National University of Singapore), Qixiao Lin (Beihang University), Jiahao Liu (National University of Singapore), Jianwei Zhuge (Tsinghua University; Zhongguancun Laboratory), Zhenkai…
-
NDSS 2025 Detecting SDN Control Policy Manipulation Via Contextual Semantics Of Provenance Graphs
Tags: attack, conference, control, data, detection, framework, guide, Internet, monitoring, network, software, vulnerabilitySession 7A: Network Security 2 Authors, Creators & Presenters: Ziwen Liu (Beihang University), Jian Mao (Beihang University; Tianmushan Laboratory; Hangzhou Innovation Institute, Beihang University), Jun Zeng (National University of Singapore), Jiawei Li (Beihang University; National University of Singapore), Qixiao Lin (Beihang University), Jiahao Liu (National University of Singapore), Jianwei Zhuge (Tsinghua University; Zhongguancun Laboratory), Zhenkai…
-
NDSS 2025 A Large-Scale Measurement Study Of The PROXY Protocol And Its Security Implications
Tags: access, automation, cctv, conference, control, data, email, Internet, iot, leak, monitoring, network, service, vulnerabilitySession 7A: Network Security 2 Authors, Creators & Presenters: Stijn Pletinckx (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara) PAPER A Large-Scale Measurement Study Of The PROXY Protocol And Its Security Implications Reverse proxy servers play a critical role in optimizing Internet services, offering…
-
WatchGuard warns critical flaw in Firebox devices facing exploitation
The company said the threat activity is part of a larger campaign against edge devices and internet-exposed infrastructure. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/watchguard-critical-flaw-firebox-exploitation/808617/
-
Inside Uzbekistan’s nationwide license plate surveillance system
The Uzbek government’s national license plate scanning system was discovered exposed to the internet for anyone to access without a password. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/23/inside-uzbekistans-nationwide-license-plate-surveillance-system/
-
Das Internet im Würgegriff – Network Blocking: Wie Netzsperren das Web kaputtmachen
First seen on security-insider.de Jump to article: www.security-insider.de/network-blocking-wie-netzsperren-das-web-kaputtmachen-a-b4aec351dde7fbe6764db786f792dbdd/
-
NDSS 2025 ReDAN: An Empirical Study On Remote DoS Attacks Against NAT Networks
Tags: access, attack, cloud, conference, dos, exploit, firmware, Internet, malicious, network, router, side-channel, software, vulnerability, wifiSession 7A: Network Security 2 Authors, Creators & Presenters: Xuewei Feng (Tsinghua University), Yuxiang Yang (Tsinghua University), Qi Li (Tsinghua University), Xingxiang Zhan (Zhongguancun Lab), Kun Sun (George Mason University), Ziqiang Wang (Southeast University), Ao Wang (Southeast University), Ganqiu Du (China Software Testing Center), Ke Xu (Tsinghua University) PAPER ReDAN: An Empirical Study On Remote…
-
NDSS 2025 GadgetMeter: Quantitatively And Accurately Gauging The Exploitability Of Speculative Gadgets
Tags: attack, conference, detection, exploit, framework, Internet, linux, mitigation, network, software, vulnerabilitySession 6D: Software Security: Vulnerability Detection Authors, Creators & Presenters: Qi Ling (Purdue University), Yujun Liang (Tsinghua University), Yi Ren (Tsinghua University), Baris Kasikci (University of Washington and Google), Shuwen Deng (Tsinghua University) PAPER GadgetMeter: Quantitatively And Accurately Gauging The Exploitability Of Speculative Gadgets Since their emergence in 2018, speculative execution attacks have proven difficult…
-
Pirate activists have copied Spotify’s entire music library
Don’t give hacktivists what they really wantHacktivism’s reemergence explained: Data drops and defacements for social justiceLondon internet attack highlights confusing hacktivism movement First seen on csoonline.com Jump to article: www.csoonline.com/article/4110569/pirate-activists-have-copied-spotifys-entire-music-library.html
-
WatchGuard Fixes Firewall Zero-Day Being Actively Exploited
Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS. Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk. First seen on…
-
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant.Choosing a browser designed with First seen…
-
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant.Choosing a browser designed with First seen…
-
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant.Choosing a browser designed with First seen…
-
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant.Choosing a browser designed with First seen…
-
WatchGuard Firebox firewalls under attack (CVE-2025-14733)
More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/watchguard-firebox-vulnerability-cve-2025-14733/
-
NDSS 2025 RACONTEUR: A Knowledgeable, Insightful, And Portable LLM-Powered Shell Command Explainer
Session 6D: Software Security: Vulnerability Detection Authors, Creators & Presenters: Jiangyi Deng (Zhejiang University), Xinfeng Li (Zhejiang University), Yanjiao Chen (Zhejiang University), Yijie Bai (Zhejiang University), Haiqin Weng (Ant Group), Yan Liu (Ant Group), Tao Wei (Ant Group), Wenyuan Xu (Zhejiang University) PAPER RACONTEUR: A Knowledgeable, Insightful, And Portable LLM-Powered Shell Command Explainer Malicious shell…
-
NDSS 2025 Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems
Tags: attack, conference, detection, exploit, injection, Internet, linux, network, programming, software, tool, vulnerabilitySession 6D: Software Security: Vulnerability Detection Authors, Creators & Presenters: Hengkai Ye (The Pennsylvania State University), Hong Hu (The Pennsylvania State University) PAPER Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems Code injection was a favored technique for attackers to exploit buffer overflow vulnerabilities decades ago. Subsequently, the widespread adoption of lightweight…
-
25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. The non-profit security organization recently added fingerprinting capabilities for these systems to its Device Identification reporting service, alerting network administrators to verify their security posture immediately. Mass…
-
25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. The non-profit security organization recently added fingerprinting capabilities for these systems to its Device Identification reporting service, alerting network administrators to verify their security posture immediately. Mass…
-
NDSS 2025 Interventional Root Cause Analysis Of Failures In Multi-Sensor Fusion Perception Systems
Session 6C: Sensor Attacks Authors, Creators & Presenters: Shuguang Wang (City University of Hong Kong), Qian Zhou (City University of Hong Kong), Kui Wu (University of Victoria), Jinghuai Deng (City University of Hong Kong), Dapeng Wu (City University of Hong Kong), Wei-Bin Lee (Information Security Center, Hon Hai Research Institute), Jianping Wang (City University of…
-
NDSS 2025 PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation
Session 6C: Sensor Attacks Authors, Creators & Presenters: Yan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Yancheng Jiang (Zhejiang University), Kai Wang (Zhejiang University), Chenren Xu (Peking University), Wenyuan Xu (Zhejiang University) PAPER NDSS 2025 – PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation Sensors are key components to enable various applications, e.g., home intrusion…
-
NDSS 2025 PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation
Session 6C: Sensor Attacks Authors, Creators & Presenters: Yan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Yancheng Jiang (Zhejiang University), Kai Wang (Zhejiang University), Chenren Xu (Peking University), Wenyuan Xu (Zhejiang University) PAPER NDSS 2025 – PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation Sensors are key components to enable various applications, e.g., home intrusion…
-
FireTail’s 2022 Review on Macro, Industry, and Thoughts About What’s Next FireTail Blog
Tags: ai, api, attack, cloud, cyber, cybercrime, cybersecurity, data, exploit, finance, government, infrastructure, intelligence, Internet, jobs, office, open-source, regulation, russia, startup, strategy, technology, usa, vulnerabilityDec 19, 2025 – Jeremy Snyder – New beginnings, such as new years, provide a nice opportunity to look back at what we have just experienced, as well as look forward to what to expect. 2022 was a year of transition in many ways, and 2023 may well be the same. I wanted to reflect…
-
Over 25,000 FortiCloud SSO devices exposed to remote attacks
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-25-000-forticloud-sso-devices-exposed-to-remote-attacks/
-
Faith in the internet is fading among young Brits
Tags: InternetOfcom survey finds 18-34s increasingly see life online as bad for society and their mental health First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/internet_bad_for_society/
-
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Authorities in Nigeria have announced the arrest of three “high-profile internet fraud suspects” who are alleged to have been involved in phishing attacks targeting major corporations, including the main developer behind the RaccoonO365 phishing-as-a-service (PhaaS) scheme.The Nigeria Police Force National Cybercrime Centre (NPFNCCC) said investigations conducted in collaboration with First seen on thehackernews.com Jump to…
-
Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data
Tags: attack, corporate, cyber, data, exploit, extortion, group, intelligence, Internet, ransomware, vulnerabilityThe notorious Clop ransomware group has launched a new data extortion campaign targeting internet-facing Gladinet CentreStack file servers, exploiting an unknown vulnerability to steal sensitive corporate information. Incident responders from the Curated Intelligence community first identified this campaign, which marks the latest in a series of Clop attacks targeting enterprise file transfer and storage solutions.…
-
NDSS 2025 PhantomLiDAR: Cross-Modality Signal Injection Attacks Against LiDAR
Session 6C: Sensor Attacks Authors, Creators & Presenters: Zizhi Jin (Zhejiang University), Qinhong Jiang (Zhejiang University), Xuancun Lu (Zhejiang University), Chen Yan (Zhejiang University), Xiaoyu Ji (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER PhantomLiDAR: Cross-Modality Signal Injection Attacks Against LiDAR LiDAR is a pivotal sensor for autonomous driving, offering precise 3D spatial information. Previous signal…