Mitigation

GitLab Public Repository Scan Uncovers Widespread Exposure of Live Secrets

Security Tools & Research

GitLab Public Repository Scan Uncovers Widespread Exposure of Live Secrets

A comprehensive security scan of all 5.6 million public repositories on GitLab Cloud has revealed a significant...

OBR Enlists Cyber Expert Following Accidental Pre-Budget Data Leak

News

OBR Enlists Cyber Expert Following Accidental Pre-Budget Data Leak

The Office for Budget Responsibility (OBR) has initiated a cybersecurity investigation after its economic analysis for the...

ASUS Confronts Critical Authentication Bypass Flaws in Routers and PC Software

CVE News

ASUS Confronts Critical Authentication Bypass Flaws in Routers and PC Software

ASUS has issued an urgent security advisory addressing multiple critical vulnerabilities, including a severe authentication bypass flaw...

Grafana Enterprise Critical SCIM Vulnerability Enables Full Administrative Takeover

CVE News

Grafana Enterprise Critical SCIM Vulnerability Enables Full Administrative Takeover

Grafana Labs has issued a critical security advisory for its Enterprise product, warning of a maximum severity...

The Hidden Risks in Your DevOps Stack: A Technical Analysis of Supply Chain, Identity, and Recovery Threats

Blue-Team

The Hidden Risks in Your DevOps Stack: A Technical Analysis of Supply Chain, Identity, and Recovery Threats

Modern DevOps environments, built on platforms like GitHub, GitLab, and Azure DevOps, have accelerated software delivery but...

Cloudflare Outage Disrupts Global Internet Services, Highlighting Infrastructure Fragility

News

Cloudflare Outage Disrupts Global Internet Services, Highlighting Infrastructure Fragility

A major outage at internet infrastructure firm Cloudflare on November 18, 2025, caused widespread disruptions to thousands...

Google Play Store to Implement Battery Performance Policy for Android Apps

News

Google Play Store to Implement Battery Performance Policy for Android Apps

Google has announced a significant policy change for the Google Play Store, targeting Android applications that cause...

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Cyber Laws & Regulations

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies,...

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

NAKIVO Inc. has launched Backup & Replication v11.1, a substantial update that significantly expands the platform’s disaster...

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Blue-Team

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Docker has fundamentally changed its approach to container security by making its Hardened Images catalog available through...

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

CVE News

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, is being actively...

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

CVE News

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

The Redis security team has issued patches for a critical, maximum-severity vulnerability that enables authenticated attackers to...

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

CVE News

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

A significant security vulnerability, tracked as CVE-2025-59489, has been identified within the Unity game engine, posing a...

Zimbra Zero-Day Exploited via Malicious iCalendar Files

CVE News

Zimbra Zero-Day Exploited via Malicious iCalendar Files

Security researchers have identified a new zero-day attack campaign targeting Zimbra Collaboration Suite (ZCS) that leverages malicious...

Western Digital Patches Critical My Cloud Command Injection Vulnerability

CVE News

Western Digital Patches Critical My Cloud Command Injection Vulnerability

Western Digital has released firmware updates to address a critical-severity vulnerability in multiple My Cloud Network Attached...

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

CVE News

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, was actively exploited...

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

CVE News

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

A newly identified vulnerability in multiple versions of OnePlus’s OxygenOS allows any application installed on a device...

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

Malware Analysis

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

In September 2025, the Node Package Manager (NPM) ecosystem was targeted by a series of sophisticated supply...

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

News

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

Mozilla’s recent introduction of a version rollback feature for Firefox extensions marks a significant shift in how...

Critical Microsoft Entra ID Flaw Enabled Global Tenant Hijack

CVE News

Critical Microsoft Entra ID Flaw Enabled Global Tenant Hijack

A recently disclosed vulnerability in Microsoft’s Entra ID (formerly Azure AD) identity management service could have allowed...

Posts pagination

1 2 3 4 … 10 Next

Mitigation

GitLab Public Repository Scan Uncovers Widespread Exposure of Live Secrets

OBR Enlists Cyber Expert Following Accidental Pre-Budget Data Leak

ASUS Confronts Critical Authentication Bypass Flaws in Routers and PC Software

Grafana Enterprise Critical SCIM Vulnerability Enables Full Administrative Takeover

Google Play Store to Implement Battery Performance Policy for Android Apps

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

Zimbra Zero-Day Exploited via Malicious iCalendar Files

Western Digital Patches Critical My Cloud Command Injection Vulnerability

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

You may have missed

Russia Blocks FaceTime and Snapchat: Technical Implications of a Widening Internet Crackdown

Critical React and Next.js RCE Vulnerability: Analysis of CVE-2025-55182 and CVE-2025-66478

Palantir’s ImmigrationOS: A Technical Analysis of ICE’s Deportation Infrastructure

Google’s AI Content Controversy: A Case Study in Platform Risk and Creator Backlash