Top-notch cybersecurity magazine

Following the introduction of international sanctions against Zservers, Russian ‘bulletproof’ hosting services provider, the Dutch National Police (Politie) shut down and seized 127 servers belonging to Zservers/XHost.

Security experts report that more than 12,000 GFI Kerio Control firewall instances remain vulnerable to the critical RCE vulnerability CVE-2024-52875, which was fixed back in December 2024.

The Shadowserver Foundation warns of a massive web login brute-forcing attacks targeting nearly 2.8 million IP addresses per day. Unknown attackers are seeking credentials for a wide range of network devices belonging to such companies as Palo Alto Networks, Ivanti, and SonicWall.

According to the incident report released by Cloudflare, an attempt to block a phishing URL on the R2 platform accidentally caused a massive outage; as a result, many Cloudflare services were unavailable for almost an hour.

watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations.