Security news.
Today's security news highlights active exploitation of critical vulnerabilities in F5 BIG-IP and Fortinet FortiClient EMS, alongside a confirmed data breach at the European Commission. State-sponsored groups continue their cyber campaigns, with a focus on supply chain attacks and the adoption of new exploit kits.
Hackers Exploiting Critical F5 BIG-IP Flaw
F5 has reclassified a BIG-IP APM denial-of-service vulnerability (CVE-2025-53521) as a critical remote code execution flaw, with attackers actively exploiting it to deploy webshells.
Critical Fortinet FortiClient EMS Flaw Exploited
A critical vulnerability in Fortinet's FortiClient EMS platform is now being actively exploited by attackers, according to threat intelligence.
European Commission Confirms Data Breach
The European Commission has confirmed a cyber intrusion and data theft, with the ShinyHunters hacker group claiming to have stolen over 350GB of information from its cloud systems.
Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
The state-sponsored group Star Blizzard has incorporated the DarkSword iOS exploit kit into its campaigns targeting government, higher education, financial, and legal entities.
Telnyx Targeted in TeamPCP Supply Chain Attack
Two malicious versions of a popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux as part of the growing TeamPCP supply chain attack, impacting Telnyx.
Russian CTRL Toolkit Hijacks RDP via FRP Tunnels
A Russian-origin remote access toolkit, "CTRL," is being distributed via malicious LNK files and is capable of credential phishing, keylogging, RDP hijacking, and reverse tunneling.
Secrets Sprawl Accelerated in 2025
GitGuardian's "State of Secrets Sprawl 2026" report reveals a 34% increase in hardcoded secrets found in public GitHub in 2025, with 29 million new secrets, marking the largest single-year jump recorded.
Microsoft Pulls Buggy Windows Update KB5079391
Microsoft has withdrawn a non-security preview update for Windows 11, KB5079391, due to installation issues causing 0x80073712 errors.