Mitigation

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

NAKIVO Inc. has launched Backup & Replication v11.1, a substantial update that significantly expands the platform’s disaster...

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Blue-Team

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Docker has fundamentally changed its approach to container security by making its Hardened Images catalog available through...

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

CVE News

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, is being actively...

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

CVE News

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

The Redis security team has issued patches for a critical, maximum-severity vulnerability that enables authenticated attackers to...

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

CVE News

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

A significant security vulnerability, tracked as CVE-2025-59489, has been identified within the Unity game engine, posing a...

Zimbra Zero-Day Exploited via Malicious iCalendar Files

CVE News

Zimbra Zero-Day Exploited via Malicious iCalendar Files

Security researchers have identified a new zero-day attack campaign targeting Zimbra Collaboration Suite (ZCS) that leverages malicious...

Western Digital Patches Critical My Cloud Command Injection Vulnerability

CVE News

Western Digital Patches Critical My Cloud Command Injection Vulnerability

Western Digital has released firmware updates to address a critical-severity vulnerability in multiple My Cloud Network Attached...

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

CVE News

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, was actively exploited...

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

CVE News

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

A newly identified vulnerability in multiple versions of OnePlus’s OxygenOS allows any application installed on a device...

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

Malware Analysis

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

In September 2025, the Node Package Manager (NPM) ecosystem was targeted by a series of sophisticated supply...

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

News

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

Mozilla’s recent introduction of a version rollback feature for Firefox extensions marks a significant shift in how...

Critical Microsoft Entra ID Flaw Enabled Global Tenant Hijack

CVE News

Critical Microsoft Entra ID Flaw Enabled Global Tenant Hijack

A recently disclosed vulnerability in Microsoft’s Entra ID (formerly Azure AD) identity management service could have allowed...

Steam’s 32-bit Windows Deprecation: Security Implications for Enterprise Environments

Blue-Team

Steam’s 32-bit Windows Deprecation: Security Implications for Enterprise Environments

Valve Corporation has announced the end of support for 32-bit versions of Microsoft Windows for its Steam...

The First Three Things You’ll Want During a Cyberattack: Clarity, Control, and a Lifeline

Blue-Team

The First Three Things You’ll Want During a Cyberattack: Clarity, Control, and a Lifeline

When a cyberattack strikes, the initial moments are critical. The difference between a contained incident and a...

Unfair Social Media Bans: A Technical Examination of Account Suspension and Appeal Processes

News

Unfair Social Media Bans: A Technical Examination of Account Suspension and Appeal Processes

Recent reports from users claiming unfair bans on major social media platforms like Facebook and Instagram have...

Microsoft Exchange Online Outage: Analysis of North American Service Disruption and Historical Context

Blue-Team

Microsoft Exchange Online Outage: Analysis of North American Service Disruption and Historical Context

Microsoft is currently addressing a significant service disruption affecting its Exchange Online email platform for customers across...

Akira Ransomware Campaign Exploits SonicWall CVE-2024-40766 and Misconfigurations

CVE News

Akira Ransomware Campaign Exploits SonicWall CVE-2024-40766 and Misconfigurations

A significant surge in Akira ransomware activity, first observed in late July 2025, has been attributed to...

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Blue-Team

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Browser extensions are indispensable for modern workflows, boosting productivity by customizing the browsing experience. However, this convenience...

Microsoft Removes Barrier to Entry for Windows App Developers by Waiving Store Fees

News

Microsoft Removes Barrier to Entry for Windows App Developers by Waiving Store Fees

Microsoft has officially eliminated the one-time registration fee for individual developers seeking to publish applications on the...

Automated Moderation Failures: A Case Study in Identity Verification and System Accountability

Cyber Laws & Regulations

Automated Moderation Failures: A Case Study in Identity Verification and System Accountability

The case of Mark S. Zuckerberg, an Indianapolis bankruptcy attorney, suing Meta Platforms, Inc. presents a significant...

Posts pagination

1 2 3 4 … 10 Next

Mitigation

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

Zimbra Zero-Day Exploited via Malicious iCalendar Files

Western Digital Patches Critical My Cloud Command Injection Vulnerability

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

OnePlus SMS Vulnerability Exposes Systemic Security Tensions

NPM Package “fezbox” Uses QR Code Steganography to Steal Browser Cookies

Firefox Extension Rollback: A Technical Milestone in Browser Security Management

Steam’s 32-bit Windows Deprecation: Security Implications for Enterprise Environments

The First Three Things You’ll Want During a Cyberattack: Clarity, Control, and a Lifeline

Unfair Social Media Bans: A Technical Examination of Account Suspension and Appeal Processes

Akira Ransomware Campaign Exploits SonicWall CVE-2024-40766 and Misconfigurations

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Automated Moderation Failures: A Case Study in Identity Verification and System Accountability

You may have missed

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Quantum Route Redirect: A New PhaaS Platform Targeting Microsoft 365 Credentials

The LinkedIn Phishing Epidemic: Technical Analysis of Multi-Channel Attacks Targeting Executives

AI Infrastructure Expansion Fueled by Debt Raises Systemic Financial Risks