Vulnerabilities
A stored cross-site scripting flaw in Zimbra Collaboration Suite (CVE-2025-48700) is now being exploited in the wild against more than 10,000 exposed servers worldwide, prompting CISA to add the bug to its Known Exploited Vulnerabilities catalog and order U.S. federal agencies to patch within three days. GLOBAL — For
Vulnerabilities
A newly-disclosed Server-Side Request Forgery flaw in the LMDeploy LLM inference-serving toolkit is already under active exploitation, with attackers using a vision-language-module endpoint as an SSRF primitive to probe AWS IMDS, internal databases, and admin planes within minutes of patch availability. SHANGHAI, CHINA — The window between a vulnerability disclosure and
Trending
The "pay or leak" deadline for Rockstar Games has passed, resulting in the public release of a massive analytics dataset. The studio maintains the information is "non-material," a claim seemingly supported by the technical nature of the leaked files. NEW YORK, NY — Following a week of
Supply Chain Attack
A breach at the cloud-cost monitoring firm Anodot has emerged as the "patient zero" for a series of high-profile data thefts, highlighting the extreme risk of third-party integrations with elevated cloud permissions. RA'ANANA, Israel — Anodot, a prominent SaaS platform specializing in AI-driven cloud cost monitoring and