Threat actors are once again proving that old vulnerabilities are their favorite weapon. A high‑severity flaw in Microsoft’s Windows SMB client, patched during the June 2025 Patch Tuesday, is now being actively exploited in the wild.

I love cars — from a 2015 Ferrari 458 Speciale to a 2026 Honda Civic Hybrid Sport Touring. But here’s the question: are they a hidden threat? Could the car you drive actually become an initial access method for attackers?

Researchers recently demonstrated a BYOC (Bring-Your-Own-Car) attack that turned a parked vehicle into a launchpad for infiltrating Linux and ESXi servers inside a corporate network.

Browser extensions are supposed to make life easier — but sometimes they make it a lot riskier. Cybersecurity researchers have uncovered a coordinated campaign leveraging 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome. The attackers’ goal was simple: spam at scale. By hijacking these extensions, they were able to blast outbound WhatsApp messages in a way that bypassed the platform’s built‑in rate limits and anti‑spam controls.

F5 BIG-IP has some big problems. In one of the most serious security incidents of the year, nation-state hackers breached F5’s internal network, gaining long-term access to its product development environment. The attackers exfiltrated source code and details on undisclosed BIG-IP vulnerabilities, raising alarms across the cybersecurity community.

The timing couldn’t be worse: over 266,000 F5 BIG-IP instances are currently exposed to the public internet, with nearly half located in the United States. These devices are widely used for application delivery, traffic management, and security enforcement — making them prime targets for exploitation.

This takes me back to the days of Adobe Flash. For years, Flash was one of the most notoriously vulnerable pieces of software on the web, consistently exploited by attackers until it was finally retired. Now, in 2025, Adobe is back in the spotlight — this time with Adobe Experience Manager (AEM).