Intrusions exploiting the high-severity stored cross-site scripting flaw in Zimbra Collaboration, tracked as CVE-2025-66376, have been launched against Ukraine by a Russian advanced persistent threat operation suspected to be APT28, also known as Fancy Bear, Sofacy Group, BlueDelta, and STRONTIUM, according to Security Affairs.
The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities list to include high-severity flaws impacting Microsoft SharePoint and the Synacor Zimbra Collaboration Suite, Security Affairs reports.
Multiple nation-state threat operations and commercial spyware vendors have leveraged the new DarkSword iOS exploit kit, which features half a dozen vulnerabilities reported by iVerify to impact nearly 300 million iPhones, in attacks over the last five months, according to SecurityWeek.
Attacks exploiting the maximum-severity insecure deserialization zero-day vulnerability in Cisco Secure Firewall Management Center software, tracked as CVE-2026-20131, have been launched by the Interlock ransomware gang since Jan. 26, more than a month before the flaw's public disclosure, The Hacker News reports.
The vulnerability arises from the interaction between snap-confine, which manages secure application environments, and systemd-tmpfiles, responsible for removing temporary files.