CVE-2025-54236 is a vulnerability tracked across 7 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed October 28, 2025; most recent activity January 30, 2026.
In January 2026, attackers exploited a critical vulnerability in Magento, tracked as CVE-2025-54236, to hijack over 200 e-commerce websites. This severe authentication flaw allowed threat actors to gain complete control…
Analysis of cybersecurity incidents in the UK retail and manufacturing sectors reveals that 1,381 breaches occurred between Q3 2024 and Q2 2025, with no significant concentration around major shopping events. Security…
A public exploit for CVE-2025-40778, a critical vulnerability in BIND 9, has been released, enabling DNS cache poisoning and traffic redirection. This flaw affects the widely used Domain Name System software, posing…
North Korea-aligned threat actor BlueNoroff has initiated two new campaigns, GhostCall and GhostHire, targeting fintech executives and Web3 developers. These campaigns utilize social engineering tactics on platforms…
As Cyber Monday approaches, online shoppers are facing increased risks from cybercriminals exploiting the surge in digital purchases. Security experts warn of fraudulent websites, phishing emails, and insecure payment…
Security researchers from LayerX have identified vulnerabilities in OpenAI's Atlas browser that enable attackers to inject malicious code into the browser's memory. This flaw allows for remote code execution and the…
A 16-year-old student in Baltimore, Maryland, was handcuffed by police after an AI system mistakenly identified a bag of Doritos as a firearm. This incident has prompted discussions regarding the reliability and ethics…