C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
…7, 2026 10:17 AM A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. The…
Search
Top stories
Windows 11 KB5089573 update released with performance improvements
…With this update, Windows quality updates include additional high-confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after…
Palo Alto Networks firewall zero-day exploited for nearly a month
…A week later, the attackers successfully achieved RCE against the device and injected shellcode. Following the compromise, the attackers immediately conducted log cleanup to mitigate detection by clearing crash kernel messages, deleting…
Microsoft fixes BitLocker recovery issue only for Windows 11 users
…Microsoft acknowledged the issue on April 14, saying it affects Windows 10, Windows 11, and Windows Server devices with an "unrecommended" BitLocker Group Policy configuration, and that it will prompt users to…
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
…You can check whether the firmware has been applied from the Bluetooth settings on your device by tapping the info button next to the headphones. The security flaw ( CVE-2025-20701 ) was…
Hackers bypass SonicWall VPN MFA due to incomplete patching
…SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP…
Microsoft confirms patching issues in restricted Windows networks
…It is not related to device integrity or the device's ability to install Windows updates, only to its ability to download updates from the internet via the Windows Update page under…
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
…According to the Ukrainian police, the threat actor used information-stealing malware between 2024 and 2025 to infect users’ devices and steal browser sessions and account credentials. Infostealers are a popular type…
Google fixes one actively exploited Android zero-day, 124 flaws
…Local attackers can exploit the actively abused high-severity Android Framework vulnerability (tracked as CVE-2025-48595) to gain code execution and escalate privileges on devices running Android 14 or later. "There…
Microsoft to automatically roll back faulty Windows drivers
…Called Cloud-Initiated Driver Recovery, the new feature will remove the need for hardware partners or end users to manually fix driver issues once drivers have been distributed to devices. The recovery…