The Hacker News

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

Libraesva patches CVE-2025-59689 after confirmed state-sponsored exploitation; update ESG to avoid command injection.
SecurityWeek

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers

Libraesva has addressed a vulnerability in its integrated email security platform that has been exploited in the wild.
The Hacker News

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

BRICKSTORM was first documented by the tech giant last year in connection with the zero-day exploitation of Ivanti Connect ...

New Supermicro BMC flaws can create persistent backdoors

Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images.

Google: Brickstorm malware used to steal U.S. orgs' data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors.