Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
“The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the
Zimbra Patches Critical Code Execution Vulnerability
The flaw results in malicious code embedded in crafted emails being executed when the emails are opened.
The post Zimbra Patches Critical Code Execution Vulnerability appeared first on SecurityWeek.
EU Targets Russian Intelligence Officers Accused of Running a Yearslong Cyber Spying Campaign
The move targeted people and entities accused of links to an online spying network that the EU claims targeted governments and carried out sabotage operations against critical infrastructure.
The post EU Targets Russian Intelligence Officers Accused of Running a Yearslong Cyber Spying Campaign appeared first on SecurityWeek.
US and allies warn of Russian critical infrastructure attacks
Organizations Warned of Exploited Joomla Extension Vulnerabilities
Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution.
The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek.
Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns
The company notified customers to manually shut down their servers while it is investigating a credible threat.
The post Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns appeared first on SecurityWeek.
Centers Laboratory Data Breach Affects 540,000 Individuals
The WorldLeaks extortion group claimed to have stolen 720 GB of data from the healthcare testing and laboratory services provider.
The post Centers Laboratory Data Breach Affects 540,000 Individuals appeared first on SecurityWeek.
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
From that one lapse, French security firm Lexfo lifted the operator’s entire toolkit and pivoted through it to two more
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below –
CVE-2026-48939 – A vulnerability in the
