Chinese APTs Cash In on Years of Edge Device Attacks
The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.
Windows ‘Downdate’ Attack Reverts Patched PCs to a Vulnerable State
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched…
The Ugly Truth about Your Software Vendor which CISOs Won’t Want (But Do Need) to Hear
We’ve got a hard truth to share with you, and you might not like it: You are not your software…
Akira and Fog ransomware now exploit critical Veeam RCE flaw
Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup…
Critical Mozilla Firefox Zero-Day Allows Code Execution
The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.
A Single Cloud Compromise Can Feed an Army of AI Sex Bots
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend:…
Critical Ivanti vTM auth bypass bug now exploited in attacks
CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual…
This Windows PowerShell Phish Has Scary Potential
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who…
Apache fixes critical OFBiz remote code execution vulnerability
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to…
Cisco fixes root escalation vulnerability with public exploit code
Cisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate…