Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug
Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs…
Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in…
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution…
CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new Malware Analysis Report (MAR) detailing how threat actors are…
Google pushes emergency patch for Chrome 0-day – check your browser version now
Google pushed an emergency patch for a high-severity Chrome flaw, already under active exploitation. So it's time to make sure you're running…
Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks
Palo Alto, California, September 18th, 2025, CyberNewsWire SquareX first discovered and disclosed Last Mile Reassembly attacks at DEF CON 32…
SonicWall Discloses Compromise of Cloud Backup Service
Cybersecurity vendor SonicWall has disclosed a security incident affecting its cloud backup service for firewalls. An investigation found that…
Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its…
Google patches sixth Chrome zero-day exploited in attacks this year
Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since…
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions
Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been…
Chrome Emergency Update: Zero-Day (CVE-2025-10585) in V8 Exploited in the Wild
Google has released a Stable Channel update to version 140.0.7339.185/.186 for Windows and Mac, and 140.0.7339.185 for Linux, addressing four…
SonicWall warns customers to reset credentials after breach
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that…
CVE-2025-43300: Apple’s Critical Zero-Day ImageIO Vulnerability
IntroductionSecurity researchers and Apple users alike are on high alert following the discovery and active exploitation of…
Apple Fixes 0-Day Vulnerabilities in Older version of iPhones and iPad
Apple has released iOS 16.7.12 and iPadOS 16.7.12 on September 15, 2025, delivering critical security updates to older-generation…
Apple 0-day likely used in spy attacks affected devices as old as iPhone 8
Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in…
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents
All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any…
Apple backports zero-day patches to older iPhones and iPads
Apple has released security updates to backport patches released last month to older iPhones and iPads, addressing a zero-day bug that…
Securing Linux Systems in the Age of AI: Unified Security Strategies for Modern Enterprises
Introduction In the rapidly evolving landscape of cybersecurity, the integration of Artificial Intelligence (AI) has emerged as a…
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust…
Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices
Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked as…
PoC Available: FlowiseAI Flaw (CVE-2025-58434) Allows Full Account Takeover (CVSS 9.8)
The open-source generative AI development platform FlowiseAI, widely used for building AI agents and LLM workflows, has been found vulnerable…
Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks
Samsung has patched a serious security vulnerability that hackers were already using in live attacks against its Android devices. The issue,…
Google Chrome Patches Critical Security Flaws in September 2025 Update
In early September 2025, Google released an important security update for its Chrome browser—version 140.0.7339.127—to patch two…
Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages
Samsung has fixed a critical flaw that affects its Android devices - but not before attackers found and exploited the bug, which could allow…
Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code
Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the…
France Warns Apple Users of New Spyware Campaign
Apple recently issued a spyware campaign alert, according to the French Computer Emergency Response Team (CERT-FR). The national incident…
Samsung patches actively exploited zero-day reported by WhatsApp
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android…
Apple Issues New Spyware Alerts for French Officials and Journalists
Ddos September 12, 2025 Apple occasionally issues spyware attack notifications, publicly disclosing on its website which countries or regions…
Apple warns customers targeted in recent spyware attacks
Apple warned customers last week that their devices were targeted in a new series of spyware attacks, according to the French…
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to…
CISA Launches Roadmap for the CVE Program
In a new document, the US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed its support for the Common Vulnerabilities and…
Vulnerability Management – common understanding and language enable teamwork
Part of a series This Blog post is part of the series Vulnerability Management Series: 3D (Definition, Deep-Dive, and Difficulties) Part 1…
Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks
Affiliates of the Akira ransomware gang are again exploiting a critical SonicWall vulnerability abused last summer, after a suspected zero-day…
Can I have a new password, please? The $400M question.
Back in August 2023, attackers tied to the Scattered Spider group didn’t exploit a zero-day vulnerability to
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly…
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month’s patches address two publicly…
Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday
On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is…
Two Zero-Days Among Patch Tuesday CVEs This Month
Microsoft issued updates to fix 81 vulnerabilities in this month’s Patch Tuesday yesterday, including two classed as zero-days which…
Apple Watch Series 11: A New Era of Health and Connectivity
Ddos September 10, 2025 Apple has officially unveiled the Apple Watch Series 11, now equipped with a more scratch-resistant display glass, 5G…
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no…
Windows 10 KB5065429 update includes 14 changes and fixes
Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and Windows 10 21H2, with fourteen fixes or changes, including…
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
Today is Microsoft’s September 2025 Patch Tuesday, which includes security updates for 81 flaws, including two publicly disclosed…