China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

July 2, 2025

The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign.
The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to access configuration

Source: Read More

Previous ArticleAPT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

Next Article Manjaro 25.0 “Zetar”: A Bold Leap into Flatpak Integration and Gaming Optimization

Highlights

CVE-2025-3815 – WordPress SurveyJS Stored Cross-Site Scripting

May 3, 2025

CVE ID : CVE-2025-3815

Published : May 3, 2025, 8:15 a.m. | 1 hour, 17 minutes ago

Description : The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.12.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Hallucinated code, real threat: How slopsquatting targets AI-assisted development

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

Everwild’s cancellation has me worried for one of my favorite dev teams and Xbox itself — It needs creative new games to thrive and refresh its identity

Trust but Verify: The Curious Case of AI Hallucinations

Trust but Verify: The Curious Case of AI Hallucinations

From Flow to Fabric: Connecting Power Automate to Microsoft Fabric

Flutter Web Hot Reload Has Landed – No More Refreshes!

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Cisco waarschuwt voor kritiek lek door hardcoded SSH-wachtwoord

CISA Warns of Chrome 0-Day Vulnerability Exploited in Attacks

Save $500 on the 75-inch Roku Pro Series TV at Best Buy

Build a Powerful Image Editor with Next.js and glfx.js

Fuel your creativity with new generative media models and tools

CVE-2025-3803 – Tenda W12 and i24 Stack-Based Buffer Overflow Vulnerability

CVE-2025-3815 – WordPress SurveyJS Stored Cross-Site Scripting

CVE-2025-46617 – Quantum StorNext Web GUI API Unauthorized Configuration Access and Modification

Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS

CVE-2025-38161 – “IBM Mellanox mlx5 RDMA Use-After-Free Vulnerability”

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Related Posts