
SonicWall and Cisco Flaws Open Doors to Root-Level Exploits

+ FBI Debunks SCADA Breach


SonicWall has swiftly patched three high-risk security flaws in its SMA 100 devices, which could allow attackers to execute code as root. Here's a brief rundown of the vulnerabilities:

• CVE-2025-32819: A remote authenticated attacker can bypass security checks to delete arbitrary files, potentially resetting the device to factory settings (CVSS score: 8.8).
• CVE-2025-32820: Allows an attacker to make any directory writable, escalating privileges (CVSS score: 8.3).
• CVE-2025-32821: An attacker with admin privileges can inject commands to upload files (CVSS score: 6.7).

Exploits could lead to root-level access, making prompt upgrades to version 10.2.1.15-81sv essential for users. Stay secure and keep those devices updated!


Researchers have uncovered malware hidden in a fake Discord utility package, "discordpydebug," on the Python Package Index (PyPI).

Highlights include:

• Malicious Functionality: Disguised as a benign developer tool, it contains a remote access trojan (RAT) capable of file manipulation and command execution.
• Widespread Downloads: More than 11,500 downloads, with no updates since its upload in March 2022.
• Bypassing Security: Uses outbound polling, which ordinary firewall rules rarely block, making it especially dangerous in loosely secured development environments.
• Related Threats: Over 45 other npm packages have been identified as part of a similar malicious campaign.

Stay vigilant and safeguard your coding environment!
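Because the RAT polls outward on a timer rather than listening for inbound connections, egress logs are where it shows up. This added example (not from the article or the package's authors) flags host/destination pairs whose outbound connections recur at a near-constant interval, over constructed proxy log lines; the field layout and the 203.0.113.10 destination are assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed egress-proxy log lines from a developer workstation (sample data, not
# taken from the article): timestamp, source host, destination, bytes sent.
SAMPLE_LOG = """\
2025-05-08T09:00:00 devbox01 203.0.113.10:443 412
2025-05-08T09:00:30 devbox01 203.0.113.10:443 410
2025-05-08T09:00:31 devbox01 pypi.org:443 2048
2025-05-08T09:01:00 devbox01 203.0.113.10:443 409
2025-05-08T09:01:30 devbox01 203.0.113.10:443 415
2025-05-08T09:02:00 devbox01 203.0.113.10:443 411
2025-05-08T09:02:30 devbox01 203.0.113.10:443 408
2025-05-08T09:05:12 devbox01 github.com:443 98304
2025-05-08T09:17:45 devbox01 pypi.org:443 5120
"""

def parse_log(text):
    """Parse the constructed log format into (timestamp, host, destination, bytes) rows."""
    rows = []
    for line in text.splitlines():
        ts, host, dst, nbytes = line.split()
        rows.append((datetime.fromisoformat(ts), host, dst, int(nbytes)))
    return rows

def find_beacons(rows, min_conns=5, max_jitter=0.2):
    """Return (host, destination, mean_interval_seconds) for pairs that look like beacons.

    Regularity is measured as stdev/mean of the gaps between consecutive connections:
    a RAT polling its controller on a timer has a low ratio, while human-driven
    traffic (package installs, git pushes) is bursty and irregular.
    """
    by_pair = defaultdict(list)
    for ts, host, dst, _ in rows:
        by_pair[(host, dst)].append(ts)
    hits = []
    for (host, dst), stamps in by_pair.items():
        if len(stamps) < min_conns:
            continue  # too few connections to judge periodicity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((host, dst, round(avg, 1)))
    return hits
```

On the sample above, only the 30-second poll to 203.0.113.10 is flagged; the pypi.org and github.com traffic is too sparse and irregular to match.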

In April 2025, Qilin ransomware surged to prominence, posting the highest number of data leak disclosures of any group. Here's what you need to know:

• Qilin, also known as Agenda, pushed its data leak site past 45 disclosures, a significant increase since early 2025.
• This escalation is partly attributed to an influx of affiliates after the shutdown of RansomHub.
• The NETXLOADER loader and SmokeLoader malware are central to its attacks, using stealthy techniques to evade detection.
• Target sectors include healthcare, technology, and finance across various countries.

As cyber threats evolve, Qilin shows a troubling commitment to refining its tactics and expanding its reach. Stay vigilant!

In a wake-up call for cybersecurity, the recent CVE-2025-3928 vulnerability poses a serious threat to Commvault environments in Microsoft Azure. It has been actively exploited by sophisticated nation-state actors, heightening the urgency for organizations to act. Key points include:

• The exploitation enables attackers to create webshells and compromise web servers.
• Commvault has released updates for various software versions to address this vulnerability.
• A KQL query has been developed to help teams identify suspicious activity efficiently.

To safeguard data, organizations should promptly apply patches, enhance security measures, and monitor for access attempts. With the right tools and practices, the risks associated with this vulnerability can be significantly mitigated. Stay vigilant!

Cisco has urgently addressed a critical security flaw, CVE-2025-20188, in its IOS XE Wireless Controller, rated 10.0 on the CVSS scale. This vulnerability allows unauthenticated remote attackers to upload arbitrary files, potentially leading to severe exploits. Highlights include:

• The flaw stems from a hard-coded JSON Web Token (JWT)
• Attackers can send crafted HTTPS requests to exploit the flaw
• Affected products include Catalyst 9800 series Wireless Controllers
• The Out-of-Band AP Image Download feature must be enabled for successful exploitation

Cisco advises users to disable this feature temporarily and update their systems to the latest version. Thankfully, there is no evidence of real-world exploitation. Keeping systems secure is more critical than ever!
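The root cause above is a credential shared by every unit. This added example (not Cisco's code, and not tied to how IOS XE implements the feature) shows the general class of bug: a minimal HS256 JWT verifier that trusts a key baked into the image, beside a hardened version that requires a per-device key provisioned at install time and refuses to run on a missing or factory-default one. The secret value, the config dict, and the AP_UPLOAD_JWT_KEY name are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for a key baked into every firmware image (hypothetical value).
BAKED_IN_SECRET = b"factory-default-jwt-key"
def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    """Build a compact HS256 JWT (header.payload.signature) over `claims`."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def verify_hs256(token: str, key: bytes):
    """Return the claims if the token is HS256 and its MAC checks under `key`, else None."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(_unb64url(header)).get("alg") != "HS256":
            return None  # refuse algorithm substitution
    except (ValueError, UnicodeDecodeError):
        return None
    expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_b64url(expected), sig):
        return None
    return json.loads(_unb64url(payload))

# Weak pattern: the same key in every unit, so a token minted with it is accepted everywhere.
def verify_with_baked_in_key(token: str):
    return verify_hs256(token, BAKED_IN_SECRET)

# Hardened pattern: a per-device key generated at provisioning time and read from the device's
# config store (a plain dict and a hypothetical key name here); refuse a missing or default key.
def provision_device_key() -> str:
    return secrets.token_hex(32)  # fresh 256-bit key, unique to this device

def load_device_key(config: dict) -> bytes:
    key = config.get("AP_UPLOAD_JWT_KEY", "").encode()
    if len(key) < 32 or key == BAKED_IN_SECRET:
        raise RuntimeError("per-device JWT key missing or still the factory default")
    return key

def verify_with_device_key(token: str, config: dict):
    return verify_hs256(token, load_device_key(config))
```

A token signed with the baked-in key passes the weak verifier on any device but is rejected by the hardened one, which only honours tokens under that device's own key.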

The FBI's investigation into a puzzling cybersecurity incident at an Illinois water utility revealed unexpected truths about the situation.

• In November 2011, a report titled “Public Water District Cyber Intrusion” initially blamed Russian hackers for the destruction of a water pump.
• Surprisingly, the FBI found no evidence of a cyber attack and determined that faulty infrastructure was to blame.
• The mysterious Russian IP address was traced back to a contractor travelling in Russia on personal business, debunking earlier fears of a national security threat.
• The case underscores how public perceptions can lead to misinformation in cybersecurity scenarios.

With an engaging blend of intrigue and clarity, this report highlights the importance of accurate information in cybersecurity investigations.