September 23, 2025

Third time’s the charm? SolarWinds (again) patches critical Web Help Desk RCE

Or maybe 3 strikes, you're out? SolarWinds on Tuesday released a hotfix - again - for a critical, 9.8-severity flaw in its Web Help Desk IT ticketing software that could allow a remote, unauthenticated attacker to run commands on a host machine. …

OnePlus leaves researchers on read over Android bug that exposes texts

Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late…

SIM city: Feds say 100,000-card farms could have killed cell towers in NYC

Secret Service seizes 300-server network allegedly tied to nation-state hackers The US Secret Service has dismantled a network of SIM farms in and around New York City it claims was behind multiple incidents targeting senior government officials and had enough power to disrupt entire cellular networks.…

Kaspersky: RevengeHotels checks back in with AI-coded malware

Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk Kaspersky has raised the alarm over the resurgence of hotel-hacking outfit "RevengeHotels," which it claims is now using artificial intelligence to supercharge its scams.…

OpenSSF warns that open source infrastructure doesn’t run on thoughts and prayers

Foundations say billions of downloads rely on registries running on fumes – and someone's gotta pay the bills The Open Source Security Foundation (OpenSSF) has had enough of being the unpaid janitor of the world's software supply chain.…

Copyright © 2026 Lugapel