The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.
Cyber Daily

CISA adds Zimbra Collaboration Suite bug to known exploited vulnerability catalogue

The new vulnerability, CVE-2025-27915, is a cross-site scripting (XSS) vulnerability in the classic web client of the Zimbra Collaboration Suite, thanks to insufficient sanitisation of HTML content in ...