View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: FLXEON Controllers Vulnerabilities: Improper Control of Filename for...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: ASPECT-Enterprise, NEXUS, and MATRIX series Vulnerability: Use of Hard-coded...
Command Injection vulnerability has been found in Arc53 DocsGPT software (CVE-2025-0868).
Cybersecurity is one of the most vital dimensions of contemporary existence with cloud storage, online transactions, and internet services ever increasing. Governments, institutions, and...
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S....
Unit 42 details the just-discovered connection between threat group Stately Taurus (aka Mustang Panda) and the malware Bookworm, found during analysis of the group's infrastructure. The post...
Despite the takedowns of some well-known names, ransomware remains a major cybercrime threat.
Darktrace’s Threat Research team highlighted a significant rise in malware-as-a-service (MaaS) threats, which accounted for 57 percent of... The post Darktrace 2024 Annual Threat report highlights...
ipoque, a Rohde & Schwarz company, has taken a significant leap in enhancing critical infrastructure security through its... The post ipoque, HSU/UniBw H join to boost critical infrastructure...
The Health-ISAC published its 2025 Health Sector Cyber Threat Landscape that underscores the formidable cybersecurity challenges that plagued... The post Health-ISAC’s 2025 Health Sector Cyber...
Breeze Liu has been a prominent advocate for victims. But even she struggled to scrub nonconsensual intimate images and videos of herself from the web.
Exposure management company Tenable announced the launch of Identity 360 and Exposure Center, two new Tenable Identity Exposure... The post New Tenable Identity Exposure capabilities tackle...
Raymond Limited, a leading textile and apparel conglomerate, has confirmed a Raymond cyberattack that impacted parts of its IT infrastructure. The company responded by isolating the affected...
Cloud Software Group released critical security updates to address a high-severity vulnerability in the NetScaler Console and NetScaler Console Agent, identified as CVE-2024-12284. This...
Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under...
Large Language Models (LLMs) can provide many benefits to security professionals by helping them analyze logs, detect phishing attacks, or offering threat intelligence. Learn from Wazuh how to...
ESET researchers analyzed a campaign delivering malware bundled with job interview challenges
Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities...
CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware
Microsoft has issued a security bulletin for a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day in attacks. [...]
Microsoft is now testing a fix for a longstanding known issue that is breaking SSH connections on some Windows 11 22H2 and 23H2 systems. [...]
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.7 ATTENTION: Low attack complexity Vendor: Medixant Equipment: RadiAnt DICOM Viewer Vulnerability: Improper Certificate Validation 2. RISK EVALUATION...
The Kaspersky Managed Detection and Response report includes trends and statistics based on incidents identified and mitigated by Kaspersky's SOC team in 2024.
Combining home security with hub capability, the Aqara Camera Hub G5 Pro also delivers AI-powered visual recognition features - all without a subscription.
Russian state-sponsored hackers are ramping up efforts to compromise Signal messenger accounts, particularly those used by Ukrainian military personnel, government officials, and other key...
A Ghost ransomware group also referred to as Cring, has been actively exploiting vulnerabilities in software and firmware as recently as January 2025, according to an alert issued Wednesday by the...
The Darcula phishing-as-a-service (PhaaS) platform is preparing to release its third major version, with one of the highlighted features, the ability to create do-it-yourself phishing kits to...
A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. [...]
DOGE technologists Edward Coristine—the 19-year-old known online as “Big Balls”—and Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.