CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in ...
Dark Reading

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...