HTTPS certificate industry phasing out less secure domain validation methods
Posted by Chrome Root Program Team Secure connections are the backbone of the modern web, but a certificate is only...
Year: 2025
Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations
Each year, several security solution providers – including Sophos – sign up for MITRE’s ATT&CK Enterprise Evaluations, a full-scale cyber...
A big finish to 2025 in December’s Patch Tuesday
Microsoft on Tuesday released 56 patches affecting 10 product families. Two of the addressed issues are considered by Microsoft to...
React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos analysts are investigating the widespread exploitation of a critical vulnerability dubbed ‘React2Shell’ that affects React Server Components versions 19.0.0,...
Sophos Tops G2 Winter 2026 Reports: #1 Overall in Endpoint, XDR, MDR and Firewall
G2 has published its Winter 2026 Reports, and customers once again ranked Sophos as a top security vendor. Sophos is...
GOLD SALEM tradecraft for deploying Warlock ransomware
In mid-August 2025, Counter Threat Unit™ (CTU) researchers identified the use of the legitimate Velociraptor digital forensics and incident response...
The big catch: How whaling attacks target top executives
Business Security Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe. Phil Muncaster 09...
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 10, 2025 U.S....
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day Pierluigi Paganini December 10, 2025 Microsoft Patch...
OWASP Project Publishes List of Top Ten AI Agent Threats
The OWASP GenAI Security Project today published a top 10 list of the potential security threats that organizations are likely...
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Dec 10, 2025The Hacker NewsCloud Security / Threat Detection Cloud security is changing. Attackers are no longer just breaking down...
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
Dec 10, 2025Ravie LakshmananVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw...
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability...
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Dec 10, 2025Ravie LakshmananVulnerability / Endpoint Security Fortinet, Ivanti, and SAP have moved to address critical security flaws in their...
Trend Vision One™ Integration with AWS Security Hub CSPM: Unifying Cloud Security
3. Real-World Use Cases 3.1 Unified Security View Situation: Your company has 50 EC2 instances distributed across multiple AWS accounts....
